CVE-2026-53065

A flaw was found in the Linux kernel, specifically within the ASoC STI driver. This vulnerability occurs because regmapfield objects, allocated during player initialization, are not properly freed when the driver is removed. This oversight can lead to a resource leak, potentially impacting system...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent a jump to NULL for the addsidecar callback In the createsdwdailink function, it is checked that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fixed error handling in mxssgtl5000probe. This function only calls ofnodeput in the regular path. It will cause a refcount leak in error-prone paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Added ofnodeput in at91sam9g20ekaudioprobe. This node pointer is returned by ofparsephandle, and its reference count is incremented in this function. Calling ofnodeput prevents the reference count leak...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: codec: sma1307: Fixed memory corruption in sma1307settingloaded The sma1307-setheadersize field specifies the number of integers in the header there are 8 such integers. However, instead of allocating 8 integers’ worth of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: correctly setting the Comp SoundWire port. For some reason, we end up setting the SoundWire port for HPHLCOMP and HPHRCOMP to zero. This could potentially lead to memory corruption due to accessing and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: simple-card-utils: Fixed the pointer check in graphutilParseLinkDirectionation. Now, it checks whether the passed pointers are valid before writing to them. This also fixes a USBAN warning: UBSAN: Invalid-load in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fixed an issue where accessing an array was done outside the bounds of the array for an enum type. Accessing enums using integers would result in accessing an array outside its bounds on platforms like...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fixed a use-after-free in the “remove” path of the driver. When devm runs functions in the “remove” path for a device, it executes them in reverse order. This means that if there are parts of your driver...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mxs-saif: Fixed a refcount leak in mxssaifprobe. The function ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fixed a refcount leak in mt8183mt6358ts3a227max98357devprobe. The node returned by ofparsephandle has a refcount that is incremented; ofnodeput must be called when using it again. Therefore, this issue nee...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field will not be set. As a result, sofipc4routesetup will cause a kernel error when attempting to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca – fixed a situation where the kernel’s NULL pointer was dereferenced due to an IO error. The initial settings will be written before the codec probe function is called. However, the rt711-component has not yet be...

CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46262 ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

PT-2026-44266

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the ASoC qcom q6apm-lpass-dai component, the prepare function can be called multiple times, leading to multiple graph opens for the playback path. This behavior results in memory leaks...

EUVD-2026-32247

In the Linux kernel, the following vulnerability has been resolved: ASoC: nau8821: Cancel delayed work on component remove Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when it is eventually scheduled for execution: 1984.896308 BUG: unable to...

PT-2026-43830

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC nau8821 component where attempting to unload the driver while jack detection work is pending can lead to a kernel crash. This occurs when the nau8821 jdet wor...