247 matches found

OSV
added 2026/02/04 4:8 p.m. | 4 views

CVE-2026-23089 ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free(). When snd_usb_create_mixer() fails, snd_usb_mixer_free() frees mixer->id_elems but the controls already added to the card still reference the freed memory. Later when snd_card_register() runs...

CVSS 7.8 | AI score 5.2 | EPSS 0.00135
Exploits 0 | References 10

RedHat Linux
added 2026/01/21 10:12 a.m. | 1 view

kernel: Linux kernel: ALSA: ump buffer overflow via malformed UMP SysEx message

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) Universal MIDI Packet (UMP) driver. This vulnerability allows a buffer overflow and potential memory corruption via a malformed Universal MIDI Packet (UMP) System Exclusive (SysEx) message during MIDI 1.0 to UMP conversion...

CVSS 7.8 | AI score 6 | EPSS 0.00206
Exploits 0 | References 5

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002488 advisory. The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count...

CVSS 4.9 | AI score 7 | EPSS 0.00494
Exploits 0 | References 18

Tenable Nessus
added 2026/01/15 12:0 a.m. | 6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003360 advisory. Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. Tenabl...

CVSS 7.8 | AI score 7.2 | EPSS 0.00427
Exploits 0 | References 24

ATTACKERKB
added 2026/01/13 3:28 p.m. | 3 views

CVE-2025-68783

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices. get_meter_levels_from_urb() parses the 64-byte meter packets sent by the device and fills the per-channel arrays meter_level, comp_level and master_level in struct...

AI score 5.2 | EPSS 0.00173
Exploits 0 | References 8 | Affected Software 1

Microsoft CVE
added 2026/01/06 9:1 a.m. | 2 views

ALSA: firewire-motu: add bounds check in put_user loop for DSP events

...

AI score 5.3 | EPSS 0.00161
Exploits 0

CVE
added 2026/01/05 9:32 a.m. | 21 views

CVE-2025-68753

CVE-2025-68753 relates to the Linux kernel ALSA: firewire-motu DSP event handling. The issue stems from a missing bounds check in a put_user() loop that copies DSP event data; if the user buffer size is not aligned to 4 bytes, data could be written beyond the intended boundary, potentiall...

AI score 6.2 | EPSS 0.00161
Exploits 0 | References 6

Positive Technologies
added 2026/01/01 12:0 a.m. | 2 views

PT-2026-27666

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the ASoC (ALSA System on Chip) subsystem, specifically in the SDCA (Simple Device Configuration Architecture) component. The find sdca entity iot...

CVSS 5.5 | AI score 5.9 | EPSS 0.00107
Exploits 0 | References 16

Tenable Nessus
added 2025/12/31 12:0 a.m. | 0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993196 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'add_widget_node'. As 'kobject_add' may allocate memory for...

CVSS 5.5 | AI score 6.1 | EPSS 0.0016
Exploits 0 | References 4

Positive Technologies
added 2025/12/30 12:0 a.m. | 4 views

PT-2025-54041

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF. Note: this is a fix that works around the bug equivalently as the two upstream commits: 1fa4445f9adf "ALSA: control - introduce snd_ctl_notify_one helper"...

CVSS 7.9 | AI score 7.7 | EPSS 0.03702
Exploits 0 | References 2

Microsoft CVE
added 2025/12/25 9:4 a.m. | 1 view

ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

...

CVSS 5.5 | AI score 5.4 | EPSS 0.00195
Exploits 0

Microsoft CVE
added 2025/12/25 9:3 a.m. | 5 views

ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()

...

CVSS 5.5 | AI score 5.4 | EPSS 0.00206
Exploits 0

OSV
added 2025/12/24 1:15 p.m. | 1 view

UBUNTU-CVE-2022-50719

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit. Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device...

AI score 6 | EPSS 0.00258
Exploits 0 | References 11

CVE
added 2025/12/24 1:6 p.m. | 8 views

CVE-2023-54084

CVE-2023-54084 concerns the Linux kernel where ALSA: firewire-digi00x could suffer a use-after-free. The issue occurs when init_stream() fails: instead of returning an error, the code frees dg00x->rx_stream and returns success, potentially leading to a use-after-free. The Connected documents p...

AI score 6.3 | EPSS 0.0018
Exploits 0 | References 6

OSV
added 2025/12/24 1:6 p.m. | 3 views

CVE-2023-54084 ALSA: firewire-digi00x: prevent potential use after free

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free. This code was supposed to return an error code if init_stream() failed, but it instead freed dg00x->rx_stream and returned success. This potentially leads to a use after free...

AI score 6.6 | EPSS 0.0018
Exploits 0 | References 9

EUVD
added 2025/12/24 12:30 p.m. | 2 views

EUVD-2025-205108

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats(). The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

AI score 6.4 | EPSS 0.00196
Exploits 0 | References 5

OSV
added 2025/12/24 11:15 a.m. | 0 views

UBUNTU-CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats(). The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

AI score 6.1 | EPSS 0.00196
Exploits 0 | References 36

CVE
added 2025/12/24 10:55 a.m. | 11 views

CVE-2023-54022

CVE-2023-54022: In the Linux kernel, ALSA usb-audio: Fix potential memory leaks at error path for UMP open. The issue arose because free_midi_urbs() only iterated ep->num_urbs while ep->num_entries hadn’t been updated during allocation/init errors in alloc_midi_urbs(), allowing leaked eleme...

AI score 6 | EPSS 0.00145
Exploits 0 | References 2

CVE
added 2025/12/24 10:32 a.m. | 26 views

CVE-2025-68347

CVE-2025-68347 affects the Linux kernel ALSA: firewire-motu subsystem. The vulnerability is in hwdep_read() DSP event handling, where copying could overflow the user buffer if the user buffer is smaller than the event header (8 bytes). The fix clamps the copy size using min_t() to ensure no more ...

AI score 6.6 | EPSS 0.00195
Exploits 0 | References 6

Microsoft CVE
added 2025/12/08 9:5 a.m. | 2 views

ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd

...

CVSS 5.5 | AI score 7 | EPSS 0.00165
Exploits 0