The vulnerability of the Advanced Linux Sound Architecture component in VMware Workstation allows a hacker to execute arbitrary code.

The vulnerability of the Advanced Linux Sound Architecture ALSA component in VMware Workstation hypervisors is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability in the implementation of the alsa_seq_dummy_init handler in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the alsaseqdummyinit implementation in the sound/core/seq/snd-seq-dummy.ko module of the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a system failure by connecting an ALSA sequencer MIDI-through device. Th...

CVE-2019-5525

VMware Workstation 15.x before 15.1.0 contains a use-after-free vulnerability in the Advanced Linux Sound Architecture ALSA backend. A malicious user with normal user privileges on the guest machine may exploit this issue in conjunction with other issues to execute code on the Linux host where...

Denial Of Service (DoS)

The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could u...

USN-3798-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is negatively instantiated. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8539 It...

USN-3631-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2017-13305 It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3631-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3631-2 advisory. USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

The vulnerability of the ALSA/dev/snd/timer driver (sound/core/timer.c) in the Linux operating system allows a hacker to obtain confidential information.

The vulnerability of the ALSA/dev/snd/timer driver sound/core/timer.c in the Linux operating system is related to the disclosure of information during simultaneous data reading and analysis. Exploiting this vulnerability can allow an attacker, operating locally, to obtain confidential information...

USN-3485-3 linux-aws vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

USN-3485-2 linux-lts-xenial vulnerabilities

USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the ALSA subsystem of the Linux...

Ubuntu 16.04 LTS : Linux kernel (HWE) kernel vulnerabilities (USN-3371-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3371-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...

VMware Workstation Pro for Linux and VMware Workstation Player for Linux Elevation of Privilege Vulnerability

VMware Workstation Pro for Linux and VMware Workstation Player for Linux are both Linux-based virtual machine software products from VMware.VMware Workstation Pro for Linux is one of the VMware Workstation Pro for Linux is one of the professional editions; VMware Workstation Player for Linux is a...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3168-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3168-1 advisory. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local...

Ubuntu 16.04 LTS : Linux kernel (Raspberry Pi 2) vulnerabilities (USN-3169-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3169-3 advisory. Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel...

kernel: ALSA: Use-after-free in kill_fasync

A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely...

ALSA 'snd_compr_allocate_buffer' function integer overflow vulnerability

ALSA Advanced Linux Sound Architecture is a set of sound card drivers for the Linux operating system that provides audio and MIDI Musical Instrument Digital Interface. An integer overflow vulnerability exists in the 'sndcomprallocatebuffer' function of ALSA, which stems from the program's failure...

PT-2016-3472 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.6-rc6-next-20120917 Description: The issue is related to an integer overflow in the snd compr allocate buffer function in the ALSA subsystem. This can be exploited by local users via a crafted SNDRV COMPRESS S...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3018-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3018-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-3020-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3020-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...

Linux kernel Advanced Linux Sound Architecture Framework Denial of Service Vulnerability

Linux kernel is an open source operating system. A denial of service vulnerability exists in the Linux kernel's Advanced Linux Sound Architecture framework, which can be exploited by a local attacker to cause the system to hang, resulting in a denial of service attack...