311 matches found
DEBIAN-CVE-2022-49251
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: va-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...
UBUNTU-CVE-2022-49291
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hwparams and hwfree calls Currently we have neither proper check nor protection against the concurrent calls of PCM hwparams and hwfree ioctls, which may result in a UAF. Since the existing P...
The vulnerability of the ALSA kernel component in Linux operating systems, which allows a hacker to cause a service failure
The vulnerability of the ALSA kernel component in Linux operating systems is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
DEBIAN-CVE-2024-53239
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...
CVE-2024-53045 ASoC: dapm: fix bounds checker error in dapm_widget_list_create
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapmwidgetlistcreate The widgets array in the sndsocdapmwidgetlist has a countedby attribute attached to it, which points to the numwidgets variable. This attribute is used in bounds...
ASoC: meson: axg-card: fix 'use-after-free'
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ASoC: qcom module's failure to properly handle pointers returned by devmkzalloc in the...
SUSE CVE-2022-48992
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcmbereparent API, to handle kernel NULL pointer dereference error. The issue occurred in fuzzing test...
UBUNTU-CVE-2022-48951
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in sndsocputvolswsx The bounds checks in sndsocputvolswsx are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stere...
SUSE CVE-2024-46862
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...
DEBIAN-CVE-2024-46863
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...
DEBIAN-CVE-2024-46798
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for sndsocpcmruntime object When using kernel with the following extra config, - CONFIGKASAN=y - CONFIGKASANGENERIC=y - CONFIGKASANINLINE=y - CONFIGKASANVMALLOC=y - CONFIGFRAMEWARN=4096 kernel detects that...
The vulnerability of the ALSA component of the Linux operating system’s kernel, related to pointer arithmetic errors, allows attackers to trigger a service failure.
The vulnerability of the ALSA component in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
CLSA-2024-1725389829 kernel: Fix of 3 CVEs
xen/blkfront: force data bouncing when backend is untrusted CVE-2022-33742 - ALSA: Fix deadlocks with kctl removals at disconnection CVE-2024-38600 - net: fix out-of-bounds access in opsinit CVE-2024-36883...
ROS-20240821-02
Vulnerability of the seg6init function in the net/ipv6/seg6.c module of the IPv6 protocol implementation of the Linux kernel is related to the reuse of previously freed memory. Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attack...
kernel: race condition in snd_pcm_hw_free leading to use-after-free
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges ...
SUSE CVE-2022-48739
In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...
DEBIAN-CVE-2021-47281
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of sndseqtimeropen The timer instance per queue is exclusive, and sndseqtimeropen should have managed the concurrent accesses. It looks as if it's checking the already existing timer instance at the beginning,...
The vulnerability of the run_spu_dma() function in the sound/sh/aica.c module of the Linux operating system’s audio subsystem allows a hacker to cause a service failure.
The vulnerability of the runspudma function in the sound/sh/aica.c file of the Linux operating system’s audio subsystem, ALSA, is related to the use of memory after deallocation due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to cause a...
The vulnerability of the sof_ipc3_fw_parse_ext_man() function in the sound/soc/sof/ipc3-loader.c kernel of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the sofipc3fwparseextman function in the sound/soc/sof/ipc3-loader.c file of the Linux kernel is related to reading beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...