Lucene search
K

311 matches found

SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.9 views

SUSE CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:48 a.m.9 views

SUSE CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43412

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43459 ASoC: soc-core: flush delayed work before removing DAIs and widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS0.00113EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 2:22 p.m.27 views

CVE-2026-43437

CVE-2026-43437 affects the Linux kernel ALSA PCM subsystem (snd_pcm_drain). The issue is a use-after-free in the drain path: during drain, runtime is reassigned to a linked stream’s runtime and after releasing the stream lock, runtime fields (no_period_wakeup, rate, buffer_size) are accessed with...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-43459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 12:30 p.m.9 views

EUVD-2026-27699

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.8AI score0.00127EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/06 12:30 p.m.5 views

EUVD-2026-27600

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

5.8AI score0.00107EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
NVD
NVD
added 2026/05/06 10:16 a.m.17 views

CVE-2026-43095

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...

5.5CVSS0.00107EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-37544

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC qcom q6asm component where DSP responses arriving after a data stream had been closed were still being handled. This failure to properly ignore these response...

5.5CVSS5.5AI score0.00112EPSS
Exploits0References12
NVD
NVD
added 2026/05/01 3:16 p.m.5 views

CVE-2026-31776

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daiodeviceindex for hw20k2, and it returned -EINVAL, which ended up with the out-of-bounds array access. Follow the hw20k1 pattern and...

7.8CVSS0.0012EPSS
Exploits0References2
OSV
OSV
added 2026/04/19 10:40 p.m.3 views

SUSE-SU-2026:1464-1 Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger bsc1258396. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy...

7.8CVSS5.8AI score0.00134EPSS
Exploits0References5
NVD
NVD
added 2026/03/25 11:16 a.m.4 views

CVE-2026-23301

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...

5.5CVSS0.00107EPSS
Exploits0References2
OSV
OSV
added 2026/03/25 10:26 a.m.4 views

CVE-2026-23301 ASoC: SDCA: Add allocation failure check for Entity name

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/04 4:8 p.m.3 views

CVE-2026-23089 ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

5.3AI score0.00135EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.6 views

SUSE CVE-2026-23006

In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "sndsoccomponent" in "adcx140priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx140priv"...

5.5CVSS5.2AI score0.00186EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-46863)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46863 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: a...

5.5CVSS6.8AI score0.00177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003719 advisory. An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver...

4.9CVSS6.5AI score0.00712EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004141 advisory. An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures...

6.9CVSS6.5AI score0.00581EPSS
Exploits1References13
Rows per page
Query Builder