Lucene search
K

133 matches found

RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.8 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 6:29 p.m.9 views

CVE-2026-52963

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. The driver's handling of MIDI Musical Instrument Digital Interface endpoint descriptors did not properly bound scans, allowing it to read beyond the intended memory buffer. This out-of-bounds read coul...

5.5CVSS5.7AI score0.00184EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 4:25 p.m.7 views

CVE-2026-53052

A flaw was found in the Linux kernel. The Advanced Linux Sound Architecture on Chip ASoC subsystem, specifically within the Qualcomm qdsp6 topology component, fails to verify the type of a virtual widget before accessing its private data. This oversight could allow an attacker to cause incorrect...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 10:41 a.m.9 views

CVE-2026-53242

A flaw was found in the Advanced Linux Sound Architecture ALSA Pulse-Code Modulation PCM component of the Linux kernel. This vulnerability involves a corruption of wait queue lists within the sndpcmdrain function when processing linked streams. An attacker could exploit this issue to trigger a...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 8:49 a.m.6 views

CVE-2026-53193

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. This vulnerability occurs when a timer object is freed while timer instances are still associated with it, particularly when userspace-driven timers are involved. A local user can exploit this by...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.8AI score0.00127EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.6AI score0.00141EPSS
Exploits0
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

0.00184EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.11 views

CVE-2026-52964

The CVE-2026-52964 issue affects the Linux kernel ALSA usb-audio MIDI 2.0 endpoint parsing. The endpoint-descriptor walking logic validates bLength against bNumGrpTrmBlock but not the remaining bytes, allowing a malformed device to cause baAssoGrpTrmBlkID[] reads to read past the descriptor. The ...

5.7AI score0.00175EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fixed potential OOB access in audio mixer handling. In the audio mixer handling code of the ctxfi driver, the conf field is used as a loop index, and it’s referenced in the index callback functions amixerindex and...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-56109

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS0.00138EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 6:16 p.m.3 views

UBUNTU-CVE-2026-56109

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS5.9AI score0.00138EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:58 p.m.4 views

CVE-2026-56109

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS5.9AI score0.00138EPSS
Exploits0References5
CVE
CVE
added 2026/06/22 3:58 p.m.17 views

CVE-2026-56109

The CVE concerns ALSA Library prior to 1.2.16.1, where a double-free occurs in parse_def() (src/conf.c) due to not validating return values when parsing nested compound or array configuration blocks. This can cause snd_config_delete() to be invoked twice on an already-freed node, leading to NULL-...

7CVSS5.9AI score0.00138EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/19 5:14 p.m.8 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/19 4:39 p.m.8 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed negative period/buffer sizes The calculation of the period size in the OSS layer may generate a negative value as an error. However, the code there assumes only positive values and handles them using sizet. ...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed the issue of null pointer dereferencing on the pointer csdesc. The pointer csdesc is returned from sndusbfindclocksource; this pointer may be null, resulting in a potential null pointer dereferencing issue...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 12:0 a.m.60 views

ALSA-2026:25120 Critical: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781...

9.8CVSS6.5AI score0.00563EPSS
Exploits0References28
RedhatCVE
RedhatCVE
added 2026/05/27 5:27 p.m.11 views

CVE-2026-46088

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA control component. Improper validation of the buffer length before a string length operation in the sndctleleminitenumnames function can lead to a system panic. This vulnerability could allow a local attacker to trigger...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
Rows per page
Query Builder