EUVD-2023-60001

In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 65536, fqpietimer is currently using too much time as syzbot reported. Add logic to yield the cpu every 2048 flows less than 150 usec on...

kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...

kernel: Linux kernel ALSA hda/ca0132 buffer overflow

This CVE has been marked as Rejected by the assigning CNA...

CVE-2025-39997 ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in sndusbmidifree The previous commit 0718a78f6a9f "ALSA: usb-audio: Kill timer properly at removal" patched a UAF issue caused by the error timer. However, because the error timer kill...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Linux Distros Unpatched Vulnerability : CVE-2022-50484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the...

EUVD-2019-15100

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986521 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986290 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986293)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986293 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987233 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control fl...

EUVD-2023-59914

Malicious code in bioql PyPI...

EUVD-2025-28960

Malicious code in bioql PyPI...

EUVD-2022-55487

Malicious code in bioql PyPI...

CVE-2022-50427 ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in sndac97devregister, it should call putdevice to give up reference, or the name allocated in devsetname is leaked...

SUSE CVE-2023-53275

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in sndhdacregmapsync The variable codec-regmap is often protected by the lock codec-regmaplock when is accessed. However, it is accessed without holding the lock...

ALSA: usb-audio: Validate UAC3 cluster segment descriptors

...

CVE-2025-39696 ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: tas2781: Fix wrong reference of tasdevicepriv During the conversion to unify the calibration data management, the reference to tasdevicepriv was wrongly set to h-hdapriv instead of h-priv. This resulted in memory...

SUSE CVE-2025-38729

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...

CVE-2025-38629

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...