9 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump – Buffer overflow in the MIDI 1.0 to UMP packet conversion The conversion function from MIDI 1.0 to UMP packets includes an internal buffer to store incoming MIDI bytes. The size of this buffer is 4 bytes, which was...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37891)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37891 advisory. - In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP...
CVE-2025-37891
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...
CVE-2025-37891
The provided documents confirm CVE-2025-37891 affects the Linux kernel’s ALSA: ump path, where SysEx messages could overflow an internal 4-byte buffer during MIDI 1.0 to UMP conversion. The root cause is that SysEx can be up to 6 bytes, exceeding the original 4-byte buffer, risking memory corrupt...
CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...
CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...
PT-2025-21912
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.93 Description The Linux kernel contains a buffer overflow in the ALSA subsystem, specifically within the UMP Unified MIDI Packet SysEx message conversion process. The do convert to ump function uses an...
Winamp 5.61 'in_midi' component heap overflow (crash only)
Exploit for windows platform in category dos / poc Exploit Title: Winamp 'inmidi' component heap overflow Date: 05/14/2011 Author: Alexander Gavrun http://0x1byte.blogspot.com/ Software Link: http://www.winamp.com/ Version: 5.61 Tested on: Windows 7 Vulnerability occur while parsing midi file wit...
Winamp 5.61 - in_midi Component heap Overflow (crash only)
Winamp 5.61 - inmidi Component heap Overflow crash only Exploit Title: Winamp 'inmidi' component heap overflow Date: 05/14/2011 Author: Alexander Gavrun http://0x1byte.blogspot.com/ Software Link: http://www.winamp.com/ Version: 5.61 Tested on: Windows 7 Vulnerability occur while parsing midi fil...