Lucene search
K

3506 matches found

RedHat Linux
RedHat Linux
added 2026/06/11 11:39 a.m.7 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

7.8CVSS5.5AI score0.00128EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7585-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7585-3 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls...

7.8CVSS5.8AI score0.00252EPSS
Exploits0References33
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in the sound(4) mmap path (253188dd-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 253188dd-6473-11f1-958d-bc241121aa0a advisory. The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingl...

7.8CVSS5.8AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 12:0 a.m.11 views

ALSA-2026:25217 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.5AI score0.00563EPSS
Exploits0References24
OSV
OSV
added 2026/06/10 12:0 a.m.49 views

ALSA-2026:25120 Critical: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781...

9.8CVSS6.5AI score0.00563EPSS
Exploits0References28
OSV
OSV
added 2026/06/09 9:23 a.m.6 views

USN-8044-2 alsa-lib vulnerability

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology fil...

4.6CVSS5.8AI score0.00191EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.6 views

FreeBSD Security Advisory - FreeBSD-SA-26:27.sound

FreeBSD Security Advisory - The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and...

5.7AI score0.00149EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2026/06/09 12:0 a.m.7 views

FreeBSD-SA-26:27.sound

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:27.sound Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in the sound4 mmap path Category: core Module: sound Announced: 2026-06-09...

7.8CVSS6.1AI score0.00149EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.6 views

FreeBSD -- Multiple vulnerabilities in the sound(4) mmap path

Problem Description: The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length...

7.8CVSS5.8AI score0.00149EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.8 views

SUSE CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

5.8AI score0.00091EPSS
Exploits0References3
Mageia
Mageia
added 2026/06/02 5:23 a.m.12 views

Updated sdl2_sound packages fix security vulnerability

Updated packages fix CVE-2025-14369 in bundled drflac...

5.5CVSS6AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 1:45 p.m.11 views

SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

7.4CVSS6.9AI score0.00143EPSS
Exploits1References13
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.15 views

SUSE CVE-2026-46157

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

5.3CVSS5.7AI score0.00099EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.11 views

SUSE CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by...

5.5CVSS6AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.13 views

CVE-2026-46179

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC Sound Open Firmware SOF subsystem. This vulnerability occurs when reporting the pointer for a compressed stream, where the I/O frame position is divided by values that can be zero if the stream...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 6:11 p.m.12 views

CVE-2026-46157

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA Pulse Code Modulation PCM Open Sound System OSS subsystem. A data race vulnerability exists due to concurrent access to the runtime.oss.trigger field without proper protection. This unprotected access can lead to the...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.9 views

CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

5.5CVSS0.00128EPSS
Exploits0References6
Rows per page
Query Builder