23 matches found
SUSE CVE-2026-46049
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...
CVE-2026-46049
A flaw was found in the ALSA Advanced Linux Sound Architecture ctxfi driver in the Linux kernel. When processing S/PDIF Sony/Philips Digital Interface Format passthrough playback at 32000 Hz, a missing update to the pllrate can cause an infinite loop. This can lead to a denial of service DoS for ...
CVE-2026-46049
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...
PT-2026-43916
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif passthru playback get resources uses atc-pll rate as the RSR for the MSR calculation loop. However, pll rate is only updated in atc pll init and not in hw pll init, so it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Do not enumerate SPDIF1 during DAIO initialization The recent refactoring of the xfi driver changed the way the assignment of atc-daios in atcgetresources works. Previously, only a subset of the DAIOTYP entries was...
SUSE CVE-2026-31775
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization The recent refactoring of xfi driver changed the assignment of atc-daios at atcgetresources; now it loops over all enum DAIOTYP entries while it looped formerly only a pa...
Linux Distros Unpatched Vulnerability : CVE-2026-31777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a...
Linux Distros Unpatched Vulnerability : CVE-2026-31775
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization The recent refactoring of xfi...
CVE-2026-31777
A flaw was found in the Linux kernel's ALSA ctxfi driver. The driver failed to properly validate the return value from the daiodeviceindex function. This oversight could lead to the driver making incorrect assumptions, potentially causing system instability. Mitigation To mitigate this issue,...
CVE-2026-31776
A flaw was found in the Linux kernel's ALSA ctxfi driver. The daiodeviceindex function for hw20k2 improperly handles the SPDIF1 DAIO type, leading to a missing index. This issue can result in an out-of-bounds array access, which may cause system instability or a denial of service DoS. Mitigation ...
CVE-2026-31777
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daiodeviceindex, but it's not always true. Add a proper error check to deal with the error from the function...
CVE-2026-31776 ALSA: ctxfi: Fix missing SPDIFI1 index handling
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daiodeviceindex for hw20k2, and it returned -EINVAL, which ended up with the out-of-bounds array access. Follow the hw20k1 pattern and...
CVE-2026-31776
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daiodeviceindex for hw20k2, and it returned -EINVAL, which ended up with the out-of-bounds array access. Follow the hw20k1 pattern and...
CVE-2026-31775
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization The recent refactoring of xfi driver changed the assignment of atc-daios at atcgetresources; now it loops over all enum DAIOTYP entries while it looped formerly only a pa...
CVE-2026-31775 ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization The recent refactoring of xfi driver changed the assignment of atc-daios at atcgetresources; now it loops over all enum DAIOTYP entries while it looped formerly only a pa...
PT-2026-36411
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daio device index for hw20k2, and it returned -EINVAL, which ended up with the out-of-bounds array access. Follow the hw20k1 pattern and...
DEBIAN-CVE-2026-31602
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...
CVE-2026-31602
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...
CVE-2026-31602
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...
CVE-2026-31602 ALSA: ctxfi: Limit PTP to a single page
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...