CVE-2026-10933

Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

ALSA-2026:2378 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps...

kernel security update

3.10.0-1160.119.1.0.15 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 Orabug: 38742878 - Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput Orabug: 38742878 - Bluetooth: L2CAP: Fix user-after-free CVE-2022-50386 Orabug: 38742878 - wifi: brcmfmac: fix use-after-free...

MiracleLinux 7 : kernel-3.10.0-1160.139.1.0.1.el7.AXS7 (AXSA:2025-11327:91)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11327:91 advisory. ext4: fix possible UAF when remounting r/o a mmp-protected file system CVE-2021-47342 ext4: fix memory leak in ext4fillsuper net: defer final...

kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug

A flaw was found in the Linux kernel ALSA USB audio driver. This vulnerability allows a denial of service via a crafted USB audio device...

RHEL 8 : kernel (RHSA-2025:22752)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22752 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: ALSA USB Aud...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Oracle Linux 7 : kernel (ELSA-2025-17161)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-17161 advisory. - ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface CVE-2022-48701 Orabug: 38493400 - md-raid10: fix KASAN warning CVE-2022-50211...

RHEL 7 : kernel-rt (RHSA-2025:17109)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17109 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

CLSA-2025-1756482270 kernel: Fix of CVE-2024-2201

spec: up spec/misc to 1160.136.1, spectre mitigation is off by default - hugetlb, mempolicy: fix the mbind hugetlb migration - net: atm: fix use after free in lecsend - net: atlantic: fix aqvec index out of range error - block: initialize flush request via blkmqrqctxinit - ALSA: usb-audio: Fix a...

It Looks Like a School Bathroom Smoke Detector. A Teen Hacker Showed It Could Be an Audio Bug

A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device...

CLSA-2025-1740649075 kernel: Fix of 3 CVEs

ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleupreq CVE-2024-57798 - els15 crashes accessing CephFS storage from a cluster CVE-2024-26689...

CVE-2021-21114

CVE-2021-21114 affects the Chromium-based browser (Chromium/Google Chrome family) with an issue in the audio component prior to version 87.0.4280.141 . The root cause is described as a use-after-free leading to potential heap corruption when processing crafted HTML pages, enabling a remote attack...

CVE-2019-13626

SDL Simple DirectMedia Layer 2.x through 2.0.9 has a heap-based buffer over-read in FillIMAADPCMblock, caused by an integer overflow in IMAADPCMdecode in audio/SDLwave.c...

Qemu: audio: intel-hda: infinite loop in processing dma buffer stream

The intelhdaxfer function in hw/audio/intel-hda.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via an entry with the same value for buffer length and pointer position...

USN-2610-1 oxide-qt vulnerabilities

Several security issues were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass Same Origin Policy restrictions. CVE-2015-1253, CVE-2015-1254 A use-after-free was discovered in the...

USN-2326-1 oxide-qt vulnerabilities

A use-after-free was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render...