CVE-2026-53193

An ALSA timer vulnerability in the Linux kernel: when snd_timer is freed with pending snd_timer_instance objects, slave instances may still point to the freed timer, risking a user-after-free. The fix forces snd_timer_close_locked for each pending timer instance and adds a SNDRV_TIMER_IFLG_DEAD c...

EUVD-2026-39284

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

CVE-2026-53192

CVE-2026-53192 affects the Linux kernel ALSA timer path. A use-after-free could occur when releasing a timer object (e.g., closing a userspace timer with CONFIG_SND_UTIMER and calling snd_timer_free()) if other in-flight tasks hold the timer instance tied to the to-be-deleted object, and the conc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer – Do not take registermutex with copyfrom/touser. The infamous mmaplock taken during copyfrom/touser can often be problematic when it is called within another mutex, as this may lead to deadlocks. In the case of ALSA...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000760 advisory. sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kern...

MiracleLinux 7 : kernel-3.10.0-693.11.1.el7 (AXSA:2017-2489:10)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2489:10 advisory. It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001000 advisory. The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtai...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002924 advisory. The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtai...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002594 advisory. sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003011 advisory. sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kern...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002774 advisory. sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993297 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990751 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

EUVD-2016-5564

Malware in sbrugna...

EUVD-2016-5555

Malware in sbrugna...

EUVD-2017-1539

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986759)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986759 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of sndseqtimeropen The timer instance per queue is exclusive, and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986295 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

EUVD-2025-11166

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally...