573 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed a race condition in SNDCTLDSPSYNC There is a small race condition in the sndpcmosssync function, which is called from OSS PCM SNDCTLDSPSYNC ioctl. Specifically, the function calls sndpcmossmakeready first, a...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: mISDN: Fixed a memory leak in dsppipelinebuild. dsppipelinebuild allocates a dup pointer using kstrdupcfg, but then it updates the dup variable using strsep&dup, “|”. As a result, when it calls kfreedup, the dup variable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: qdsp6: Fixed the issue where q6apm removal ordering occurs during ADSP stop and start. During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. During ADSP stop, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: added a bounds check in the putuser loop for DSP events. In the DSP event handling code, the putuser loop copies event data. When the user buffer size is not aligned to 4 bytes, it may overwrite data beyond t...
FreeBSD-SA-26:27.sound
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:27.sound Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in the sound4 mmap path Category: core Module: sound Announced: 2026-06-09...
CVE-2026-25260 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...
CVE-2026-25259 Out-of-bounds Write in DSP Service
Memory corruption while processing multiple IOCTL command for escape operations...
CVE-2026-25258 Out-of-bounds Read in DSP Service
Memory corruption while processing IOCTL calls for escape operations...
CVE-2026-25258 Out-of-bounds Read in DSP Service
Memory corruption while processing IOCTL calls for escape operations...
kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016773)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016773 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mISDN: fixed a possible memory leak in mISDNdspelementregister After committing 1fa5ae857bb1 "driver core: remove the struct device’s busid string array", the name of the device is allocated dynamically. Use putdevice to relea...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Fixed an out-of-bounds memory read access in KUnit tests ctlcache. The KASAN reported an out-of-bounds access in the function csdspctlcacheinitmultipleoffsets. The code used mockcoefftemplate.lengthbytes 4 bytes...
Astra Linux - уязвимость в linux, linux-5.10
A race condition flaw was discovered in the Linux kernel sound subsystem due to improper locking mechanisms. This could lead to a NULL pointer derefrence during the handling of the SNDCTLDSPSYNC ioctl command. A privileged local user such as root or a member of the audio group could exploit this...
SUSE CVE-2026-43412
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...
freerdp security update
2:2.11.7-1.7 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP array bounds...
Oracle Linux 8 : freerdp (ELSA-2026-16019)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16019 advisory. - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159850 - Fix double free in xfrailwindowcommon cleanup CVE-2026-2698...
freerdp security update
2:3.10.3-5.8 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix clipboard use-after-free during auto-reconnect CVE-2026-25997 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP...