Linux Distros Unpatched Vulnerability : CVE-2026-45963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: nau8821: Cancel delayed work on component remove Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when...

EUVD-2024-53783

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime sndsocremovepcmruntime might be called with rtd == NULL which will leads to null pointer dereference...

CVE-2022-50015 ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...

CVE-2025-37941 ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe()

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...

CVE-2025-37793

CVE-2025-37793 affects the Linux kernel ASoC: Intel avs driver. The vulnerability arises when avs_component_probe() dereferences a NULL from devm_kasprintf() if memory allocation fails, leading to a NULL pointer dereference. A fix was implemented in the kernel to check for NULL from devm_kasprint...

CVE-2025-39930

CVE-2025-39930 affects the Linux kernel ASoC simple-card-utils component. The issue arises from graph_util_parse_dai() freeing a device_node with __free(), which was kept alive by the driver during use. A patch (commit 419d1918105e) changes handling to not free device_node in graph_util_parse_dai...

CVE-2022-49244

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192mt6359devprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput...

CVE-2021-47650

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

CVE-2022-49518

The CVE-2022-49518 entry maps to a Linux kernel issue in ASoC SOF ipc3-topology where sof_get_control_data() could perform out-of-bounds access if the payload is not bytes. The fix adjusts control counting and data storage: for non-bytes controls, store a pointer to the data and its size (instead...

CVE-2022-49482 ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxssaifprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when done...

CVE-2022-49243

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing ofnodeput in at91sam9g20ekaudioprobe This node pointer is returned by ofparsephandle with refcount incremented in this function. Calling ofnodeput to avoid the refcount leak...

CVE-2024-57805 ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream re-start might happen without closing of the stream. This leaves a short time for other streams to...

CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

CVE-2024-46849

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

CVE-2024-46849

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card-dailink' is reallocated in 'mesoncardreallocatelinks', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report:...

CVE-2024-43896 ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL

In the Linux kernel, the following vulnerability has been resolved: ASoC: cs-amp-lib: Fix NULL pointer crash if efi.getvariable is NULL Call efirtservicessupported to check that efi.getvariable exists before calling it...

CVE-2022-48737

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-38550

In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood: Fix potential NULL dereference In kirkwooddmahwparams mvmbusdraminfo returns NULL if CONFIGPLATORION macro is not defined. Fix this bug by adding NULL check. Found by Linux Verification Center linuxtesting.org wit...