38 matches found
SUSE CVE-2026-46018
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...
CVE-2026-46048
A flaw was found in the Linux kernel's ALSA caiaq driver. This vulnerability, a reference count leak, occurs when the createcard function acquires a reference to a USB device, but the corresponding release is not performed if initcard fails before the destructor is properly assigned. A local...
CVE-2026-46018
In the Linux kernel ALSA USB audio path, the vulnerability arises from parse_uac2_sample_rate_range() capping the number of enumerated UAC2 sample rates at MAX_NR_RATES but only exiting the inner loop. A malformed UAC2 RANGE response with extra triplets can continue parsing, causing repeated "inv...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a NULL pointer dereference in sndusbmixercontrolsbadd. In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved using usbifnumtoif. If this call fails, a...
CVE-2026-31720
A flaw was found in the Linux kernel's USB gadget audio class 1 UAC1 legacy function. A remote attacker could exploit this vulnerability by sending a malicious USB control request, causing an out-of-bounds write on the stack. This could lead to a denial of service or potentially arbitrary code...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007329 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006702)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006702 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need t...
CVE-2026-23318
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio driver. A malicious USB Audio Class 3 UAC3 device could exploit an incorrect protocol version used for UAC3 header validation. This error causes the device's header descriptors to bypass validation, allowing a...
EUVD-2026-15267
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...
UBUNTU-CVE-2026-23318
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...
CVE-2026-23318 ALSA: usb-audio: Use correct version for UAC3 header validation
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...
kernel: ALSA: usb-audio: Validate UAC3 power domain descriptors, too
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...
EUVD-2025-201580
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...
UBUNTU-CVE-2025-40275
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallback...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
kernel: ALSA: usb-audio: Validate UAC3 power domain descriptors, too
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
kernel: ALSA: usb-audio: Validate UAC3 power domain descriptors, too
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...