SUSE CVE-2026-23089

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

CVE-2026-23089

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

CVE-2026-23089 ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

EUVD-2026-5453

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

CVE-2021-21318

Opencast is a free, open-source platform to support the management of educational audio and video content. In Opencast before version 9.2 there is a vulnerability in which publishing an episode with strict access rules will overwrite the currently set series access. This allows for an easy denial...

SUSE CVE-2024-38388

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for control cleanup Use the control privatefree callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets destroyed. The original...

DEBIAN-CVE-2024-38388

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for control cleanup Use the control privatefree callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets destroyed. The original...

UBUNTU-CVE-2024-38388

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for control cleanup Use the control privatefree callback to free the associated data block. This ensures that the memory won't leak, whatever way the control gets destroyed. The original...

MAL-2024-1464 Malicious code in @juiggitea/officiis-unde-qui-eveniet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 102860266a10b155fb025a65808b77045f098ac9fb1d4630845fb81d55a4619b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4442 Malicious code in lzqxodjrkbwhyuvf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b1061579f674fae2ef26266e097cd431e3776553dfe143eacbc1b44a837b438 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Re: [oss-security] CVE Request: Linux kernel ALSA core control API vulnerabilities

Hi, The mail that was send by Lars-Peter to the ALSA developers. Takashi Tiwai gave approval to forward it here. Ciao, Marcus ------------------------------------------------------------------- Subject: PATCH 0/5 Use-after-free and out-of-bounds acccess vulnerabilities in the ALSA control code...