Lucene search
K

98 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.6AI score0.00142EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added last week4 views

CVE-2026-52964

A flaw was found in the Linux kernel's ALSA USB audio component. The USB MIDI 2.0 endpoint parser, responsible for handling audio device descriptors, failed to properly validate the length of these descriptors. This vulnerability could allow a local attacker, by connecting a specially crafted...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38832

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.7AI score0.00175EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers during parsing of Scarlett2 mixer interfaces The Scarlett2 mixer has a quirky behavior in the USB-audio driver; it may encounter a NULL dereference when a malformed USB descriptor is passed...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed out-of-bounds reads when finding clock sources The current USB-audio driver code does not check the bLength of each descriptor during traversal for clock descriptors. This means that when a device provides ...

7.1CVSS6.6AI score0.01325EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Fixed deadlocks that occurred during the removal of kctl elements at disconnection. In sndcarddisconnect, we set the card-shutdown flag at the beginning, called callbacks, and performed synchronization for the...

5.5CVSS6.2AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Check for a null pointer of the pointer substream before dereferencing it. The pointer substream is dereferenced during the assignment of the pointer to the card. This occurs before the substream is checked for nullnes...

5.5CVSS5.7AI score0.00247EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 3:49 p.m.10 views

EUVD-2026-34124

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

5.8AI score0.00091EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.6 views

CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.10 views

EUVD-2026-32399

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

5.8AI score0.00156EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.46 views

CVE-2026-46018 ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

0.00156EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/09 2:39 a.m.12 views

SUSE CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28742

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.8AI score0.00123EPSS
Exploits0References7
NVD
NVD
added 2026/05/06 12:16 p.m.13 views

CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

7.8CVSS0.00123EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:29 a.m.5 views

CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

5.9AI score0.00123EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/06 11:29 a.m.19 views

CVE-2026-43279

The CVE-2026-43279 entry concerns the Linux kernel ALSA USB-audio subsystem. A discrepancy between playback and capture stream setups (e.g., USB core max packet size) can cause out-of-bounds writes to the buffer, potentially crashing the system. A fix was implemented by adding a sanity check of t...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.10 views

SUSE CVE-2026-31777

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a proper error check to deal with the error from the function...

5.8AI score0.00107EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37619

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA usb-audio component where the system blindly assumes received packets fit the buffer size when silencing playback URB USB Request Block packets in implicit fb...

9.8CVSS5.6AI score0.00595EPSS
Exploits0References383
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007020 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007444 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'addwidgetnode' As 'kobjectadd' may allocated memory for...

5.5CVSS6.2AI score0.00166EPSS
Exploits0References4
Rows per page
Query Builder