Lucene search
K

365 matches found

NVD
NVD
added 2026/05/08 3:16 p.m.18 views

CVE-2026-43412

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

5.5CVSS0.00123EPSS
Exploits0References6
OSV
OSV
added 2026/05/08 3:16 p.m.6 views

UBUNTU-CVE-2026-43412

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

5.8AI score0.00113EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43459

CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.7AI score0.00113EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43412

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

5.8AI score0.00123EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.40 views

CVE-2026-43412 ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

0.00123EPSS
Exploits0References6
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43412

CVE-2026-43412 pertains to the Linux kernel ASoC Qualcomm qdsp6 driver. The root cause is an incorrect removal order during ADSP stop/start, where q6apm-audio teardown can delete RTDs containing q6apm DAI components before their removal pass, leaving components linked to the card and causing a cr...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39073

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC qcom qdsp6 component where incorrect removal ordering during ADSP stop and start operations leads to a kernel crash. Specifically, the q6apm-audio .remove...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.10 views

SUSE CVE-2026-43095

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

5.8AI score0.00107EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 6:23 p.m.10 views

CVE-2026-43137

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture on Chip ASoC Sound Open Firmware SOF Intel High Definition Audio HDA subsystem. This flaw occurs when there is a mismatch between the Digital Audio Interface DAI links in the machine driver and the audio topology, leading to...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.6 views

EUVD-2025-209677

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

5.8AI score0.00127EPSS
Exploits0References6
NVD
NVD
added 2026/05/06 12:16 p.m.6 views

CVE-2026-43204

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce "ASoC: qcom: q6asm: handle the responses after closing"' attempted to ignore DSP responses arriving after a stream had been closed. However, those...

5.5CVSS0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 12:16 p.m.9 views

CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS0.00127EPSS
Exploits0References5
NVD
NVD
added 2026/05/06 12:16 p.m.8 views

CVE-2026-43126

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

7.8CVSS0.00129EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 11:32 a.m.21 views

CVE-2025-71286

The CVE-2025-71286 issue concerns the Linux kernel’s ALSA SOF ipc4-topology component, where memory allocation for bytes controls was miscalculated. This could allow local memory corruption due to under-allocating space behind scontrol->ipc_control_data; fixes request allocating additional mem...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43204

Summary: CVE-2026-43204 affects the Linux kernel ASoC: qcom q6asm component, where DSP responses for closed data streams could still be processed, causing system lockups. Root cause: DSP responses arriving after stream closure were not unconditionally dropped. Fix: unconditionally drop all DSP re...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43204

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce "ASoC: qcom: q6asm: handle the responses after closing"' attempted to ignore DSP responses arriving after a stream had been closed. However, those...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.9 views

CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.6 views

CVE-2026-43095

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

5.8AI score0.00107EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder