Lucene search
K

85 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fixed resource leaks during component removal. The MBHC resources must be released in case of component probe failures and removals; therefore, they cannot be tied to the lifetime of the component devic...

5.7AI score0.00214EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: For the hda codecs, do not unset the preset when cleaning up the codec. Several functions involved in the initialization and removal of codecs are reused by ASoC codec driver implementations. These drivers mimic the behavio...

5.5CVSS5.7AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SDCA: Fixed errors in IRQ cleanup. IRQs are enabled through sdcairqpopulate from the component probe using devmrequestthreadedirq. However, this means that IRQs may persist if the sound card is removed. Some of the IRQ...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.11 views

SUSE CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/09 1:5 a.m.13 views

CVE-2026-43459

A flaw was found in the Linux kernel's sound subsystem ASoC. When a sound card is unbound while an audio stream is active, a timing issue can lead to a use-after-free vulnerability. This occurs because certain resources are freed before all pending operations are completed. A local attacker could...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28765

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

5.8AI score0.00113EPSS
Exploits0References9
NVD
NVD
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS0.00113EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 3:16 p.m.5 views

UBUNTU-CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.7AI score0.00113EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

5.8AI score0.00113EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43459

CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA System on Chip ASoC core. When a sound card is unbound while a PCM stream is open, the close delayed work workqueue handler calls snd soc dapm...

7.3CVSS5.5AI score0.00113EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/05/06 1:50 p.m.9 views

CVE-2026-43095

A flaw was found in the Linux kernel's ASoC SDCA subsystem. This vulnerability involves improper cleanup of Interrupt ReQuests IRQs when a sound card is removed. This can lead to IRQ handlers attempting to access invalid memory, which may cause a system crash and result in a Denial of Service DoS...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.7 views

CVE-2026-43095

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

5.8AI score0.00107EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of devm in SDCA for handling IRQs. This can lead to the persistence of IRQs after the sou...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 3:16 p.m.8 views

DEBIAN-CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

7.8CVSS5.3AI score0.00128EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004207 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...

5.5CVSS6.7AI score0.00459EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003879)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003879 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...

5.5CVSS6.7AI score0.00459EPSS
Exploits0References13
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60496

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...

5.7AI score0.00168EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-53842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied ...

5.9AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2023-60154

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is specifically needed ...

6AI score0.00214EPSS
Exploits0References5
Rows per page
Query Builder