3 matches found
CVE-2026-52964
Summary of CVE-2026-52964 : A flaw in the Linux kernel’s ALSA USB-audio path (USB MIDI 2.0 endpoint parser) fails to validate descriptor lengths for the MIDI 2.0 endpoint, allowing a malformed device to cause out-of-bounds reads on baAssoGrpTrmBlkID[] due to walking endpoint extras before verifyi...
CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...
The vulnerability in the implementation of the MIDI protocol in Linux kernel allows attackers to increase their privileges.
The vulnerability of the Linux operating system’s MIDI kernel implementation relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...