ALSA-2026:25120 Critical: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781...

CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed negative period/buffer sizes The calculation of the period size in the OSS layer may generate a negative value as an error. However, the code there assumes only positive values and handles them using sizet. ...

EUVD-2026-26510

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011080)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011080 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset tuningctlset might have buffer overrun at...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007481 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages...

kernel: Linux kernel: ALSA: ump buffer overflow via malformed UMP SysEx message

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA Universal MIDI Packet UMP driver. This vulnerability allows a buffer overflow and potential memory corruption via a malformed Universal MIDI Packet UMP System Exclusive SysEx message during MIDI 1.0 to UMP conversion...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989335 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989206)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989206 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is...

SUSE CVE-2025-40098

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41getacpimutestate Return value of a function acpievaluatedsm is dereferenced without checking for NULL, but it is usually checked for this function. acpievaluatedsm may...

Linux Distros Unpatched Vulnerability : CVE-2022-50484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the...

EUVD-2019-15100

Malware in sbrugna...

SUSE CVE-2023-53275

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in sndhdacregmapsync The variable codec-regmap is often protected by the lock codec-regmaplock when is accessed. However, it is accessed without holding the lock...

SUSE CVE-2025-38729

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...

SUSE CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

CVE-2024-57805

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream re-start might happen without closing of the stream. This leaves a short time for other streams to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient null pointer checking in the default mmap error handler in the ALSA:pcm module...

AZL-54996 CVE-2024-53150 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...

SUSE CVE-2024-36955

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: " The caller is responsible for calling fwnodehandleput on the returned fwnode pointer. ...

DEBIAN-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...