102 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it...
SUSE CVE-2026-53192
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...
CVE-2026-53192
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...
CVE-2026-53193
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...
UBUNTU-CVE-2026-53192
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...
CVE-2026-53193
CVE-2026-53193 concerns the Linux kernel ALSA timer component. When a snd_timer object is freed via snd_timer_free() while there are still pending snd_timer_instance entries linked to it, slave instances may continue to point at the freed timer, creating a use-after-free condition. The vulnerabil...
EUVD-2026-39284
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...
CVE-2026-53192
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...
CVE-2026-53192 ALSA: timer: Fix UAF at snd_timer_user_params()
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...
CVE-2026-53192
CVE-2026-53192 — Linux kernel ALSA timer UAF fix The vulnerability affects the ALSA timer path (snd_timer_user_params) in the Linux kernel. A race can occur during timer object release when a concurrent SNDRV_TIMER_IOCTL_PARAMS ioctl is in flight, potentially leading to a use-after-free if anothe...
PT-2026-52288
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA timer component. When a userspace timer is closed and the snd timer free function is called to release resources, other active tasks may still...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000760 advisory. sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kern...
MiracleLinux 7 : kernel-3.10.0-693.11.1.el7 (AXSA:2017-2489:10)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2489:10 advisory. It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001000 advisory. The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtai...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002924)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002924 advisory. The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtai...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002774)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002774 advisory. sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002594)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002594 advisory. sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003011)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003011 advisory. sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kern...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993297)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993297 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990751)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990751 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...