Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fixed the usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: “The caller is responsible for calling fwnodehandleput on the returned fwnode...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fixed a NULL pointer dereference in cs35l41getacpimutestate. The return value of the function acpievaluatedsm is dereferenced without checking for NULL. However, this check is usually performed for this...

CLSA-2026-1777614651 kernel: Fix of 52 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005738 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005421 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005689 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992237 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

UBUNTU-CVE-2025-68345

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41hdareadacpi The acpigetfirstphysicalnode function can return NULL, in which case the getdevice function also returns NULL, but this value is then dereferenced without...

CVE-2025-68345 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41hdareadacpi The acpigetfirstphysicalnode function can return NULL, in which case the getdevice function also returns NULL, but this value is then dereferenced without...

CVE-2025-68345

In CVE-2025-68345, the Linux kernel vulnerability affects the ALSA: hda driver for cs35l41. The issue is a NULL pointer dereference in cs35l41_hda_read_acpi(): if acpi_get_first_physical_node() returns NULL, get_device() also returns NULL, and the code dereferences that value without a NULL check...

Linux Distros Unpatched Vulnerability : CVE-2025-68345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41hdareadacpi The acpigetfirstphysicalnode function can return NULL, in which case the getdevice functi...

Oracle Linux 7 : kernel (ELSA-2025-21063)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21063 advisory. - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373...

CVE-2025-68205 ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver After restructuring and splitting the HDMI codec driver code, each HDMI codec driver contains the own buildcontrols and buildpcms ops. A copy-n-paste error put the wrong...

CVE-2025-68205

CVE-2025-68205 relates to the Linux kernel ALSA hda/hdmi nvhdmi-mcp driver. After restructuring HDMI codec drivers, the nvhdmi-mcp driver had swapped build_controls and build_pcms entries, causing a NULL dereference when the PCM instance was uninitialized. The issue was fixed by correcting the en...

CVE-2025-68205 ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver After restructuring and splitting the HDMI codec driver code, each HDMI codec driver contains the own buildcontrols and buildpcms ops. A copy-n-paste error put the wrong...

PT-2025-51618

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ALSA subsystem, specifically within the HDMI codec driver code related to the nvhdmi-mcp driver. A copy-and-paste error swapped the build controls and...

CVE-2023-53788

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset tuningctlset might have buffer overrun at X if it didn't break from loop by matching A. static int tuningctlset... for i = 0; i TUNINGCTLSCOUNT; i++ A if nid ==...

UBUNTU-CVE-2023-53788

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset tuningctlset might have buffer overrun at X if it didn't break from loop by matching A. static int tuningctlset... for i = 0; i TUNINGCTLSCOUNT; i++ A if nid ==...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990918 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990794 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'addwidgetnode' As 'kobjectadd' may allocated memory for...