Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: csdsp: Validate the payload length before processing the block. The check for the payload length should be performed before the block is processed. The previous check, which ensured that the length of a block’s paylo...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Returns an error if the block header exceeds the size of the remaining data in the file. If the block header is longer than the amount of data left in the file, csdsppowerup will return an error. The previous cod...

kernel: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test ctl cache KASAN reported out of bounds access - csdspctlcacheinitmultipleoffsets. The code uses mockcoefftemplate.lengthbytes 4 bytes for register value allocations. But...

EUVD-2025-20906

Malicious code in bioql PyPI...

EUVD-2025-20917

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: csdsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - csdspmockbinaddnameorinfo, because the source string length was...

SUSE CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - csdspmockbinaddnameorinfo, because the source string length was rounded up to the allocation size...

SUSE CVE-2025-38330

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test ctl cache KASAN reported out of bounds access - csdspctlcacheinitmultipleoffsets. The code uses mockcoefftemplate.lengthbytes 4 bytes for register value allocations. But...

UBUNTU-CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - csdspmockbinaddnameorinfo, because the source string length was rounded up to the allocation size...

CVE-2025-38340 firmware: cs_dsp: Fix OOB memory read access in KUnit test

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - csdspmockbinaddnameorinfo, because the source string length was rounded up to the allocation size...

CVE-2025-38340

CVE-2025-38340: Linux kernel vulnerability in firmware: cs_dsp causing an OOB memory read in KUnit test due to source string length rounding up to allocation size. Reported by KASAN as out-of-bounds in cs_dsp_mock_bin_add_name_or_info(). Affects kernel components involved in firmware cs_dsp; root...

CVE-2025-38330 firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test ctl cache KASAN reported out of bounds access - csdspctlcacheinitmultipleoffsets. The code uses mockcoefftemplate.lengthbytes 4 bytes for register value allocations. But...

CVE-2025-38329

CVE-2025-38329 – Linux kernel: firmware: cs_dsp: fixes OOB memory read in KUnit test (wmfw info). KASAN reported out-of-bounds access in cs_dsp_mock_wmfw_add_info() where source string length was rounded up to the allocation size. Impact: local attacker with LOW privileges; confidentiality and av...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a cache initialization error in the csdsp firmware test, which could lead to out-of-bounds access...

Linux Distros Unpatched Vulnerability : CVE-2024-39491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of csdsp instance The csdsp instance is initialized in the...

kernel: firmware: cs_dsp: Return error if block header overflows file

A denial of service vulnerability was found in the Linux kernel. No error was returned from the csdsppowerup function if a block header is longer than the amount of data left in the file...

CVE-2024-42238

A denial of service vulnerability was found in the Linux kernel. No error was returned from the csdsppowerup function if a block header is longer than the amount of data left in the file...

CVE-2024-42237

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length before processing block Move the payload length check in csdspload and csdspcoeffload to be done before the block is processed. The check that the length of a block payload does not exceed...

SUSE CVE-2024-42237

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length before processing block Move the payload length check in csdspload and csdspcoeffload to be done before the block is processed. The check that the length of a block payload does not exceed...

AZL-47486 CVE-2024-42238 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block header overflows file Return an error from csdsppowerup if a block header is longer than the amount of data left in the file. The previous code in csdspload and csdsploadcoeff would loop whi...