Lucene search
K

517 matches found

OSV
OSV
added 2025/12/24 11:15 a.m.3 views

UBUNTU-CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

6.1AI score0.00196EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2025/12/24 11:15 a.m.9 views

CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

6.1AI score0.00196EPSS
Exploits0References34
CVE
CVE
added 2025/12/24 10:32 a.m.21 views

CVE-2025-68346

The CVE-2025-68346 vulnerability affects the Linux kernel ALSA: dice driver. The root cause is a missing validation of stream_count read from a FireWire device in detect_stream_formats(), which can allow out-of-bounds writes if stream_count exceeds MAX_STREAMS. The fix adds the same validation to...

6.6AI score0.00196EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/24 10:32 a.m.25 views

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

0.00196EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/24 10:32 a.m.23 views

CVE-2025-68347 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

0.00195EPSS
Exploits0References6
CVE
CVE
added 2025/12/24 10:32 a.m.30 views

CVE-2025-68347

CVE-2025-68347 affects the Linux kernel ALSA: firewire-motu subsystem. The vulnerability is in hwdep_read() DSP event handling, where copying could overflow the user buffer if the user buffer is smaller than the event header (8 bytes). The fix clamps the copy size using min_t() to ensure no more ...

6.6AI score0.00195EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/12/24 10:32 a.m.3 views

CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

5.4AI score0.00196EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/12/24 10:32 a.m.6 views

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

6.8AI score0.00196EPSS
Exploits0References11
OSV
OSV
added 2025/12/24 10:32 a.m.3 views

CVE-2025-68347 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

6.9AI score0.00195EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than...

6.5AI score0.00195EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-68346

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without...

7.3AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.3 views

PT-2025-52883

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Windows affected versions not specified Description A flaw exists in the Linux kernel related to ALSA and firewire-motu, specifically a buffer overflow in the hwdep read function when handling DSP...

4.6CVSS7.2AI score0.00195EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/29 12:0 a.m.14 views

PT-2025-52882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The detect stream formats function in the ALSA driver for Digital Interface Communication Engine dice devices does not validate the stream count value received from a FireWire device. A...

6CVSS6.4AI score0.00196EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990915)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990915 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch i...

5.5CVSS6AI score0.0024EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990434 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transactio...

5.5CVSS5.9AI score0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990466)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990466 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI...

4.4CVSS6AI score0.0026EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988728 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transactio...

5.5CVSS5.9AI score0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989497 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI...

4.4CVSS6AI score0.0026EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990231)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990231 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI...

4.4CVSS6AI score0.0026EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988941)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988941 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch i...

5.5CVSS6AI score0.0024EPSS
Exploits0References4
Rows per page
Query Builder