Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Canceling pending work when closing a MIDI substream When closing a USB MIDI output substream, there may still be pending work. This work would eventually access the rawmidi runtime object that is being released...

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

EUVD-2026-32773

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

CVE-2026-23208 ALSA: usb-audio: Prevent excessive number of frames

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize0 22 packsize1 23. The buffer size for each data URB is maxpacksize...

EUVD-2026-5453

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

CVE-2023-54022 ALSA: usb-audio: Fix potential memory leaks at error path for UMP open

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at allocmidiurbs that is called at MIDI 2.0 / UMP device are supposed to be handled at the caller side by invoking...

CVE-2023-54022

CVE-2023-54022: In the Linux kernel, ALSA usb-audio: Fix potential memory leaks at error path for UMP open. The issue arose because free_midi_urbs() only iterated ep->num_urbs while ep->num_entries hadn’t been updated during allocation/init errors in alloc_midi_urbs(), allowing leaked eleme...

USN-7685-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

The vulnerability of the USB-Audio component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the USB-Audio component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

Linux kernel snd-usb-audio Driver component denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. snd-usb-audio Driver is one of the driver components used to manage and set up audio. A denial of service vulnerability exists in the snd-usb-audio Driver component of Linux...