100 matches found
EUVD-2022-54973
Malicious code in bioql PyPI...
kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug
A flaw was found in the Linux kernel ALSA USB audio driver. This vulnerability allows a denial of service via a crafted USB audio device...
CVE-2023-53336 media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
CVE-2025-38729
CVE-2025-38729 relates to the Linux kernel ALSA USB-audio driver and a validation issue with UAC3 power domain descriptors. The root cause is insufficient verification of the descriptor length (bLength), which could allow out-of-bounds accesses via malicious firmware. The vulnerability affects th...
The vulnerability of the usb6fire_chip_abort() function in the sound/usb/6fire/chip.c module allows a hacker to trigger a service failure for USB audio devices in Linux operating systems.
The vulnerability of the usb6firechipabort function in the sound/usb/6fire/chip.c module, which supports USB audio devices in Linux operating systems, is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2022-50123
CVE-2022-50123 affects the Linux kernel ASoC Mediatek mt8173 stack (mt8173_rt5650_rt5676_dev_probe). Root cause: of_parse_phandle() returns a node pointer with an incremented refcount and missing of_node_put() in error paths, leading to a potential refcount leak. The connected advisories document...
CVE-2019-10581
NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053...
CVE-2005-2134
The 1 clcs and 2 emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service kernel crash by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error...
Digigram PYKO-OUT 安全漏洞
Digigram PYKO-OUT is a professional-grade, multi-channel IP audio encoder from Digigram for high-quality AoIP Audio over IP transmission in broadcast and live production environments. A security vulnerability exists in the Digigram PYKO-OUT, which stems from the fact that no password is required ...
February 11, 2025—KB5052006 (OS Build 14393.7785)
None None...
February 11, 2025—KB5052000 (OS Build 17763.6893) - EXPIRED
None None...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Linux Distros Unpatched Vulnerability : CVE-2022-48701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it'...
CVE-2022-49253
CVE-2022-49253 affects the Linux kernel in the media: usb: go7007: s2250-board path, where a leak is fixed by calling i2c_unregister_device(audio) on the error path during probe. Connected sources (SUSE Astra Linux advisories) confirm the fix is in this area. The CVE description in the initial do...
February 11, 2025—KB5052032 (Security-only update)
None None...
DEBIAN-CVE-2024-53197
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usbgetconfiguration for allocating dev-config. This can...
Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...
CVE-2024-27436
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array...
CVE-2022-48701
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsi...
CVE-2022-48701
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsi...