EUVD-2026-32431

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized pllrate variable in the ALSA ctxfi driver. This vulnerability may lead to an...

CVE-2026-31701

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA caiaq driver. This vulnerability arises from improper handling of Universal Serial Bus USB device references. When a USB device is disconnected, the driver may attempt to access memory that has already been freed, a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect enumeration of the SPDIF1 type during DAIO initialization in the ALSA ctxfi driver, which could...

CVE-2026-31602

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CTPTPNUM from 1 to 4 to support 256 playback streams, but the additional pages are not used by the card correctly. The CT20K2 hardware already has multiple...

PT-2026-34933

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA 6fire component. In the usb6fire chip abort function, the chip structure is allocated as the card's private data. When snd card free when closed...

kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service

A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003189 advisory. In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces tha...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002556 advisory. In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces tha...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000430)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000430 advisory. In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces tha...

PT-2025-52882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The detect stream formats function in the ALSA driver for Digital Interface Communication Engine dice devices does not validate the stream count value received from a FireWire device. A...

EUVD-2018-11499

Malware in sbrugna...

EUVD-2024-51852

Malicious code in bioql PyPI...

kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug

A flaw was found in the Linux kernel ALSA USB audio driver. This vulnerability allows a denial of service via a crafted USB audio device...

CVE-2025-39751

...

CVE-2025-38454 ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fix potential NULL pointer deref in sndcardad1816apnp Use prwarn instead of devwarn when 'pdev' is NULL to avoid a potential NULL pointer dereference...

UBUNTU-CVE-2025-38249

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 In sndusbgetaudioformatuac3, the length value returned from sndusbctlmsg is used directly for memory allocation without validation. This length is controlled by...

SUSE CVE-2022-50229

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

CVE-2022-49772

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop sndBUGON from sndusbmidioutputopen sndusbmidioutputopen has a check of the NULL port with sndBUGON. sndBUGON was used as this shouldn't have happened, but in reality, the NULL port may be seen when the devic...

Linux Distros Unpatched Vulnerability : CVE-2017-1000380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read...