RHEL 6 : netty-codec-http (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - netty-codec-http: Allocation of Resources Without Limits or Throttling CVE-2024-29025 Note that Nessus has not test...

CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...

DEBIAN-CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...

UBUNTU-CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

UBUNTU-CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...

CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48739

CVE-2022-48739 affects the Linux kernel ASoC hdmi-codec subsystem. The vulnerability arises from out-of-bounds memory accesses during memcpy(), caused by an incorrect size for the iec_status array. The fix aligns the size of iec_status with the status array of struct snd_aes_iec958, eliminating t...

CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48735

CVE-2022-48735 concerns a use‑after‑free in the Linux kernel ALSA hda LED class devices created by HD‑audio codec drivers. The issue arises because LED class devices are registered via devm_led_classdev_register() and tied to the codec device, but the devres release can execute before the devm ch...

CVE-2022-48716

CVE-2022-48716 affects the Linux kernel under the ASoC codecs path for wcd938x SDW. The root cause is an incorrect use of portid versus port id in mixer controls, where the channel id was used to index port-related structures. This can lead to out-of-bounds access to the port_map array and potent...

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...

CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from an out-of-bounds memory access in the ASoC:hdmi-codec module...

DEBIAN-CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...

CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...