Lucene search
K

50 matches found

OSV
OSV
added 2025/10/04 7:31 a.m.6 views

CVE-2025-39938 ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed If earlier opening of source graph fails e.g. ADSP rejects due to incorrect audioreach topology, the graph is closed and "daidata-graphdai-id" is...

5.5CVSS6.4AI score0.00136EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25539

Malicious code in bioql PyPI...

6.3AI score0.00151EPSS
Exploits0References3
OSV
OSV
added 2025/08/22 4:15 p.m.2 views

UBUNTU-CVE-2025-38662

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...

7.8CVSS5.7AI score0.00151EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.10 views

PT-2025-34423

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to the ASoC Audio Subsystem over Component framework, specifically within the mediatek mt8365-dai-i2s driver. The mt8365 dai set priv...

8.5CVSS6.3AI score0.07142EPSS
Exploits3References535
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-38551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2025/05/27 5:8 p.m.10 views

CLSA-2025-1748365686 kernel: Fix of 12 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...

7.8CVSS6.9AI score0.00268EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Arbitrary File Upload

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Arbitrary File Upload via the audio/api/v1/transcriptions endpoint. An attacker can execute arbitrary code on the server by uploading a malicious file with a crafted filename that exploits insufficient...

8.1CVSS7.8AI score0.00881EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/03/10 8:56 a.m.3 views

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

7.8CVSS7.2AI score0.03558EPSS
Exploits0References7
Mozilla
Mozilla
added 2025/03/04 12:0 a.m.44 views

Security Vulnerabilities fixed in Firefox 136 — Mozilla

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could...

8.8CVSS7.3AI score0.00497EPSS
Exploits0References15Affected Software1
OSV
OSV
added 2025/02/27 3:15 a.m.9 views

AZL-57899 CVE-2024-58012 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL...

5.5CVSS5.6AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/27 2:12 a.m.2 views

CVE-2024-58012 ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL...

7.6AI score0.00201EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49245

In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchipi2stdmresume pmruntimegetsync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with...

5.5CVSS5.4AI score0.00243EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...

7.8CVSS6.8AI score0.0025EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ASoC Intel hda-dai module incorrectly releasing the link DMA when STOP is triggered, which could lead to...

5.5CVSS6.4AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/03 12:0 a.m.6 views

PT-2025-8834

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been identified where the topology might not create the right number of DAI widgets for aggregated amps, leading to a NULL pointer deference. This occurs...

5.5CVSS7.1AI score0.00201EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/06/22 3:35 a.m.3 views

SUSE CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...

5.5CVSS6.7AI score0.00236EPSS
Exploits0References10
OSV
OSV
added 2024/06/19 2:15 p.m.3 views

DEBIAN-CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...

5.5CVSS5.4AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sndusbparseaudiointerface function allowing out-of-bounds reads...

7.1CVSS6.4AI score0.00238EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.4 views

SUSE CVE-2015-4477

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

10CVSS9.2AI score0.06328EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.2 views

PT-2022-34612 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue is related to an out-of-bounds bug in the snd usb parse audio interface function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

7.2AI score
Exploits0References1
Rows per page
Query Builder