Lucene search
K

88 matches found

Debian CVE
Debian CVE
added 2024/12/27 3:6 p.m.8 views

CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

5.5CVSS5.6AI score0.00214EPSS
Exploits0
CVE
CVE
added 2024/12/27 3:6 p.m.110 views

CVE-2024-56657

CVE-2024-56657 relates to the Linux kernel ALSA: control path where WARN() was used for symlink creation errors. The fix downgrades these warnings to dev_err() and adds the function name to the prefix to reduce confusion (notably for fuzzers). This is a patch-level remediation described in Azure ...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.7 views

PT-2024-36966

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A vulnerability in the Linux kernel has been resolved, related to the ALSA control, where the use of WARN for showing symlink creation errors was downgraded to dev err to avoid confusing fuzzer...

5.5CVSS5.3AI score0.00214EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/04/04 7:6 a.m.7 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.1 views

SUSE CVE-2014-4653

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service use-after-free and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

4.6CVSS6AI score0.00498EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.5 views

SUSE CVE-2014-4655

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the userctlcount value, which allows local users to cause a denial of service integer overflow and limit bypass by leveraging /dev/snd/controlCX acces...

4.9CVSS6.3AI score0.00494EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.3 views

SUSE CVE-2014-4654

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRVCTLIOCTLELEMREPLACE commands, which allows local users to remove kernel controls and cause a denial of service use-after-free and system...

4.6CVSS6.2AI score0.00498EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.60 views

Oracle: Security Advisory (ELSA-2014-3082)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.05794EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.31 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2014:1138-1)

The SUSE Linux Enterprise Server 11 SP1 LTSS received a roll up update to fix several security and non-security issues. The following security issues have been fixed : - CVE-2013-1860: Heap-based buffer overflow in the wdmincallback function in drivers/usb/class/cdc-wdm.c in the Linux kernel befo...

7.1CVSS7.8AI score0.05926EPSS
Exploits17References71
Oracle linux
Oracle linux
added 2014/12/11 12:0 a.m.53 views

Unbreakable Enterprise kernel security update

kernel-uek 2.6.32-400.36.12 - HID: fix a couple of off-by-ones Jiri Kosina Orabug: 19849320 CVE-2014-3184 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192545 CVE-2014-4652 - udf: Avoid infinite loop when processing indirect ICBs Jan Kara Orabug:...

5CVSS1.7AI score0.0585EPSS
Exploits2
Oracle linux
Oracle linux
added 2014/12/11 12:0 a.m.52 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-55.1.1 - ALSA: control: Protect user controls against concurrent access Lars-Peter Clausen Orabug: 20192540 CVE-2014-4652 - target/rd: Refactor rdbuilddevicespace + rdreleasedevicespace Nicholas Bellinger Orabug: 20192516 CVE-2014-4027 - HID: logitech: perform bounds checking on...

6.9CVSS0.4AI score0.0585EPSS
Exploits2
Debian
Debian
added 2014/12/09 1:5 a.m.98 views

[SECURITY] [DLA 103-1] linux-2.6 security update

Package : linux-2.6 Version : CVE-2014-90902.6.32-48squeeze9 CVE ID : CVE-2012-6657 CVE-2013-0228 CVE-2013-7266 CVE-2014-4157 CVE-2014-4508 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4943 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472 This security upload has been prepared in cooperation of th...

7.1CVSS6.8AI score0.05794EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2014/10/22 12:0 a.m.39 views

Oracle Linux 6 : kernel (ELSA-2014-1392)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...

7.8CVSS7.3AI score0.05794EPSS
Exploits6References12
Tenable Nessus
Tenable Nessus
added 2014/10/20 12:0 a.m.55 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2014-3083)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3083 advisory. - ALSA: control: Don't access controls outside of protected regions Lars-Peter Clausen Orabug: 19817787 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 -...

7.8CVSS7.2AI score0.05794EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2014/08/13 12:0 a.m.260 views

openSUSE Security Update : kernel (openSUSE-SU-2014:0985-1)

The Linux kernel was updated to fix security issues and bugs : Security issues fixed: CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users...

9.3CVSS6.8AI score0.05926EPSS
Exploits15References31
Tenable Nessus
Tenable Nessus
added 2014/08/04 12:0 a.m.57 views

openSUSE Security Update : kernel (openSUSE-SU-2014:0957-1)

The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...

6.9CVSS7AI score0.05926EPSS
Exploits16References27
NVD
NVD
added 2014/07/03 4:22 a.m.15 views

CVE-2014-4655

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the userctlcount value, which allows local users to cause a denial of service integer overflow and limit bypass by leveraging /dev/snd/controlCX acces...

4.9CVSS7.2AI score0.00494EPSS
Exploits0References15
NVD
NVD
added 2014/07/03 4:22 a.m.18 views

CVE-2014-4653

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service use-after-free and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

4.6CVSS7.1AI score0.00498EPSS
Exploits0References14
NVD
NVD
added 2014/07/03 4:22 a.m.15 views

CVE-2014-4654

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRVCTLIOCTLELEMREPLACE commands, which allows local users to remove kernel controls and cause a denial of service use-after-free and system...

4.6CVSS7.1AI score0.00498EPSS
Exploits0References14
OSV
OSV
added 2014/07/03 4:22 a.m.2 views

DEBIAN-CVE-2014-4654

The sndctlelemadd function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRVCTLIOCTLELEMREPLACE commands, which allows local users to remove kernel controls and cause a denial of service use-after-free and system...

4.6CVSS5.6AI score0.00498EPSS
Exploits0References1
Rows per page
Query Builder