Lucene search
K

365 matches found

RedHat Linux
RedHat Linux
added 3 days ago4 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS6.9AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago4 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39193

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

5.8AI score0.00138EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/24 4:29 p.m.3 views

EUVD-2026-38920

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing...

5.7AI score0.00172EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-51946

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASOC qcom qdsp6 topology component where the system fails to verify the widget type before accessing private data. This can occur when a virtual widget is not...

6AI score0.00172EPSS
Exploits0References15
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list The struct sdcacontrol structure declares the “values” field as an integer array. However, the memory allocated for this field is actually a char array. This causes a...

5.2AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fixed the OF node leak during probe operations. The reference to the sync provider’s OF node during platform device probing is currently only dropped if the setsync callback fails during DAI probe. Make sure tha...

5.5CVSS5.7AI score0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 10:15 a.m.43 views

CVE-2026-21030

Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions...

6.4CVSS0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 7:56 p.m.11 views

CVE-2026-46262

A flaw was found in the Linux kernel's audio subsystem, specifically in the fslxcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become...

5.5CVSS5.8AI score0.00091EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 3:49 p.m.12 views

EUVD-2026-34124

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

5.8AI score0.00091EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC fslxcvr module attempting to acquire the controlsrwsem write lock, which is already...

5.5CVSS5.4AI score0.00091EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/28 9:36 a.m.14 views

EUVD-2026-32806

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.7AI score0.00122EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:36 a.m.25 views

CVE-2026-46179

In CVE-2026-46179, the Linux kernel ASoC SOF subsystem is vulnerable to a divide-by-zero when reporting the pointer for a compressed stream if stream parameters are unconfigured. The bug arises from dividing the I/O frame position by (channels × container bytes), which defaults to zero until stre...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.31 views

CVE-2026-46179 ASoC: SOF: Don't allow pointer operations on unconfigured streams

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

0.00122EPSS
Exploits0References6
CVE
CVE
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46157

The CVE-2026-46157 entry concerns the ALSA PCM OSS subsystem in the Linux kernel, where runtime.oss.trigger could be accessed concurrently without protection, causing a data race on a bit field and risking corruption of adjacent fields. The issue is addressed by extending the existing params_lock...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.31 views

CVE-2026-46143 ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

0.00128EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/27 11:12 p.m.19 views

CVE-2026-45963

A flaw was found in the Linux kernel's ASoC nau8821 driver. This vulnerability occurs when the driver is unloaded, and a pending jack detection work jdetwork is not properly cancelled or allowed to complete. An attacker could exploit this by triggering the driver unload under specific conditions,...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-45963

In the Linux kernel, the following vulnerability has been resolved: ASoC: nau8821: Cancel delayed work on component remove Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when it is eventually scheduled for execution: 1984.896308 BUG: unable to...

5.5CVSS0.00116EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/27 3:29 a.m.5 views

SUSE CVE-2024-43822

In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devmkzalloc in pcmdevicei2cprobe The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devmkzalloc call failed at the beginning. This error code will...

5.5CVSS5.9AI score0.00193EPSS
Exploits0References3
Rows per page
Query Builder