kernel: ALSA: scarlett2: Add missing error checks to *_ctl_get()

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to ctlget The Linux kernel CVE team has assigned CVE-2023-52680 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52680-1f4a@gregkh/T...

CVE-2024-50205 ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check before the division. The...

CVE-2024-44954

...

OESA-2024-2030 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from sndgf1dmanextblock could be null, so there is a potential null pointer...

SUSE CVE-2024-39491

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of csdsp instance The csdsp instance is initialized in the driver probe so it should be freed in the driver remove. Also fix a missing call to csdspremove in the error path of cs35l56hdacommonprob...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the ALSA:hda/csdspctl module...

UBUNTU-CVE-2024-38600

In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In sndcarddisconnect, we set card-shutdown flag at the beginning, call callbacks and do sync for card-powerrefsleep waiters at the end. The callback may delete a kctl elemen...

SUSE CVE-2024-36955

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: " The caller is responsible for calling fwnodehandleput on the returned fwnode pointer. ...

CLSA-2024-1716980150 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free...

SUSE CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

kernel: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in sndac97mixer smatch error: sound/pci/ac97/ac97codec.c:2354 sndac97mixer error: we previously assumed 'rac97' could be null see line 2072 remove redundant assignment, return error if...

kernel: Linux kernel: Denial of service or memory corruption due to a data race in ALSA PCM memory allocation

A flaw was found in the Linux kernel. A data race in the Advanced Linux Sound Architecture ALSA Pulse-Code Modulation PCM memory allocation helpers allows a local user to bypass sanity checks. This can lead to the allocation of more memory than intended, potentially resulting in a denial of servi...

DEBIAN-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

SUSE CVE-2023-52680

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to ctlget The ctlget functions which call scarlett2update were not checking the return value. Fix to check the return value and pass to the caller...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a vulnerability in the ALSA module...

The vulnerability of the run_spu_dma() function in the sound/sh/aica.c module of the Linux operating system’s audio subsystem allows a hacker to cause a service failure.

The vulnerability of the runspudma function in the sound/sh/aica.c file of the Linux operating system’s audio subsystem, ALSA, is related to the use of memory after deallocation due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to cause a...

kernel: Linux kernel: Denial of service or memory corruption due to a data race in ALSA PCM memory allocation

A flaw was found in the Linux kernel. A data race in the Advanced Linux Sound Architecture ALSA Pulse-Code Modulation PCM memory allocation helpers allows a local user to bypass sanity checks. This can lead to the allocation of more memory than intended, potentially resulting in a denial of servi...

UBUNTU-CVE-2024-26927

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head-fullsize - head-headersize" can underflow. To some extent, we're always going to have to trust the firmware a bit. However, it's easy enough to add...

SUSE CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

DEBIAN-CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...