SUSE CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

UBUNTU-CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

CVE-2026-0428

The CVE-2026-0428 entry concerns insufficient parameter sanitization in the TEE SOC Driver that could let an attacker issue a malformed DRV_SOC_CMD_ID_SRIOV_COPY_VF_CHIPLET_REGS and write invalid data to a remote Die, potentially causing unexpected behavior. According to the provided data, the im...

PT-2026-41257

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID LOAD GFX IP FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

PT-2026-41256

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV CHECK TA COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

CVE-2026-43443

A flaw was found in the Advanced Linux Sound Architecture ALSA System on Chip ASoC AMD Audio CoProcessor ACP machine common driver within the Linux kernel. The acpcardrt5682init and acpcardrt5682sinit functions failed to validate the return values from clock acquisition calls. This oversight coul...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC soc-core component not refreshing its delayed operations before removing DAI and widgets...

SUSE CVE-2026-43108

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's reason field due which we could observe decoding error on PD crash...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of a playback/capture component in the ASoC SOF Intel hda. This could lead to null pointer...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Treat platformmax consistently as a control value. This change reverts to commit 9bdd10d57a88 “ASoC: ops: Shifted test values in sndsocputvolsw by +min”, and includes some additional related updates. There are two ways...

CVE-2026-31475

A flaw was found in the Linux kernel's ASoC sma1307 component. An incorrect cleanup operation attempts to manually free memory that is already managed by the device resource management devres system. This can lead to a double free vulnerability, potentially causing memory corruption and system...

CVE-2026-26070

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::map concurrent access container/optional corruption possible. The trigger is an EV SoC update with powermeter periodic update and unplugging/SessionFinished state. Version 2026.2.0 contains a...

ATLAS: AI-Assisted Threat-To-Assertion Learning for System-On-Chip Security Verification

This work presents ATLAS, an LLM-driven framework that bridges standardized threat modeling and property-based formal verification for System-on-Chip SoC security. Starting from vulnerability knowledge bases such as Common Weakness Enumeration CWE, ATLAS identifies SoC-specific assets, maps...

CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...

CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...

UBUNTU-CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...

CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...

CVE-2025-54514

CVE-2025-54514 concerns an on-chip resource isolation flaw in AMD SoCs that could be exploited by a local privileged attacker to cause a partial loss of integrity. The issue is described in AMD security bulletins (AMD-SB-4013 and AMD-SB-3023) and is reflected across multiple feeds (NVD, OSV, Debi...

CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...

CVE-2025-54514

Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity...