Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use sndcardfreewhenclosed when there is a disconnection. The USB disconnection callback should be short and not too long. Alternatively, the current code uses sndcardfree when there is a disconnection, but this waits...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: For the hda codecs, do not unset the “preset” parameter when cleaning up codec-related operations. Several functions involved in the initialization and removal of codecs are reused by ASoC codec driver implementations. Thes...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: codecs: wcd-mbhc-v2: fixed resource leaks during component removal The MBHC resources must be released in case of component probe failures and removals; therefore, they cannot be tied to the lifetime of the component...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SDCA: Fixed errors in IRQ cleanup. IRQs are enabled through sdcairqpopulate from the component probe using devmrequestthreadedirq. However, this means that IRQs may persist if the sound card is removed. Some of the IRQ...

SUSE CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

CVE-2026-43459

A flaw was found in the Linux kernel's sound subsystem ASoC. When a sound card is unbound while an audio stream is active, a timing issue can lead to a use-after-free vulnerability. This occurs because certain resources are freed before all pending operations are completed. A local attacker could...

EUVD-2026-28765

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

UBUNTU-CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

CVE-2026-43459

CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...

PT-2026-39120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA System on Chip ASoC core. When a sound card is unbound while a PCM stream is open, the close delayed work workqueue handler calls snd soc dapm...

CVE-2026-43095

A flaw was found in the Linux kernel's ASoC SDCA subsystem. This vulnerability involves improper cleanup of Interrupt ReQuests IRQs when a sound card is removed. This can lead to IRQ handlers attempting to access invalid memory, which may cause a system crash and result in a Denial of Service DoS...

CVE-2026-43095

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of devm in SDCA for handling IRQs. This can lead to the persistence of IRQs after the sou...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...

DEBIAN-CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003879)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003879 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004207 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...

EUVD-2023-60496

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...