214 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed potential RX buffer overflow issues. If an event causes the firmware to return an invalid RX size for LARGECONFIGGET, memcpyfromio might end up copying too many bytes. This issue was fixed by using mint...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25331
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to...
CVE-2019-25331
CVE-2019-25331 affects AVS Audio Converter 9.1, featuring a local buffer overflow in the Exit folder input. A crafted text file with 264 bytes of padding followed by register overwrite values can compromise the application and potentially execute arbitrary code. The CVSS metrics indicate high imp...
CVE-2019-25318
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25318 AVS Audio Converter 9.1.2.600 - Stack Overflow
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
CVE-2019-25318
The CVE describes a stack overflow in AVS Audio Converter 9.1.2.600 triggered by manipulating the output folder text input. A crafted payload can overwrite stack memory and execute arbitrary code, resulting in a bind shell on port 9999 when the Browse button is clicked. No remediation details are...
PT-2026-7930
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to...
AVS4YOU AVS Audio Converter 安全漏洞
AVS4YOU AVS Audio Converter is a software application developed by AVS4YOU Corporation. It is used to convert audio files from one format to another according to your preferences, and to save them on a hard drive. Version 9.1 of AVS4YOU AVS Audio Converter contains a security vulnerability caused...
AVS4YOU AVS Audio Converter 安全漏洞
AVS4YOU AVS Audio Converter is a software application developed by AVS4YOU Corporation. It is used to convert audio files from one format to another at your discretion, and to save them onto a hard drive. Version 9.1.2.600 of AVS4YOU AVS Audio Converter has a security vulnerability; this...
PT-2026-7918
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button ...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37793)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37793 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38307)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38307 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returne...
SUSE CVE-2025-40344
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40338
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...
UBUNTU-CVE-2025-40344
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40344 ASoC: Intel: avs: Disable periods-elapsed work when closing PCM
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40338
CVE-2025-40338 is a Linux kernel vulnerability in ASoC: Intel avs where sharing the component name pointer could cause use-after-free during teardown. The fix duplicates the component name to prevent lifetime issues and updates the initialization/teardown order (noting that the config may pass a ...