CVE-2026-46157

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block returns from sndgf1dmanextblock which may contain a null value. This could lead to a null pointer dereference issue. This issue can be fixed by adding a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed instead of sndcardfreewhenclosed. The USB disconnect callback should be short and not too long. However, the current code uses sndcardfree at the time of disconnection, but this waits for a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...

CVE-2026-31581

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

EUVD-2026-5453

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

UBUNTU-CVE-2023-54072

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper lock and the allocati...

CVE-2023-53788 ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuningctlset tuningctlset might have buffer overrun at X if it didn't break from loop by matching A. static int tuningctlset... for i = 0; i TUNINGCTLSCOUNT; i++ A if nid ==...

CVE-2025-40097 ALSA: hda: Fix missing pointer check in hda_component_manager_init function

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

SUSE CVE-2022-50431

In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev devsetname in soundbusaddone allocates memory for name, it need be freed when ofdeviceregister fails, call soundbusdevput to give up the reference that hold in...

Linux Distros Unpatched Vulnerability : CVE-2022-48702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: emu10k1: Fix out of bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array and then wra...

DEBIAN-CVE-2024-56531

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

UBUNTU-CVE-2024-53180

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its runtime-dmaarea properly. Add a proper NULL check before passing to virttopage for avoiding a panic...

kernel: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for control cleanup Use the control privatefree callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets destroyed. The original...

USN-6972-3 linux-azure, linux-azure-4.15 vulnerabilities

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service system crash. CVE-2024-22099 It was discovered that a race condition existed in th...

CLSA-2024-1722535359 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...

UBUNTU-CVE-2024-38388

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for control cleanup Use the control privatefree callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets destroyed. The original...

DEBIAN-CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...

CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...