CVE-2026-46049

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed NULL pointer dereferencing in trytoregistercard. In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check. This can lead to a NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Properly handles channel mapping lists. Currently, each channel is added as a list to the dai channel list. However, there is a risk of adding the same channel to multiple dai channel lists, which could lea...

UBUNTU-CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC soc-core component not refreshing its delayed operations before removing DAI and widgets...

Linux Distros Unpatched Vulnerability : CVE-2026-43137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...

Linux Distros Unpatched Vulnerability : CVE-2026-31776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daiodeviceindex for hw20k2, and it returned -EINVAL, which ended up...

CVE-2026-31775

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture ctxfi driver. An issue during the initialization of Digital Audio Input/Output DAIO resources incorrectly enumerates the SPDIF1 type, which is not defined for certain hardware models. This can lead to a kernel crash on...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect enumeration of the SPDIF1 type during DAIO initialization in the ALSA ctxfi driver, which could...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011287 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams,...

Oracle Linux 10 : kernel (ELSA-2026-2721)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2721 advisory. - nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec CKI Backport Bot RHEL-144335 CVE-2026-22998 - smc: Fix use-after-free in...

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

CVE-2023-54075 ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a missing node reference count release when parsing DAI link information, which could lead to a reference count...

RLSA-2025:18298 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in...

EUVD-2025-32397

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails e.g. ADSP rejects due to incorrect audioreach topology, the graph is closed and "daidata-graphdai-id" is...

CVE-2025-39938

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails e.g. ADSP rejects due to incorrect audioreach topology, the graph is closed and "daidata-graphdai-id" is...

CVE-2025-39938 ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails e.g. ADSP rejects due to incorrect audioreach topology, the graph is closed and "daidata-graphdai-id" is...

EUVD-2025-25539

Malicious code in bioql PyPI...