517 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of boundary checking for DSP event handling in the firewire-motu driver, which could lead to...
Linux Distros Unpatched Vulnerability : CVE-2025-68753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: firewire-motu: add bounds check in putuser loop for DSP events In the DSP event handling code, a putuser loop copies event data. When the user buffer size...
CVE-2025-68347
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
...
SUSE CVE-2023-54084
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
SUSE CVE-2025-68346
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
SUSE CVE-2025-68347
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
Linux Distros Unpatched Vulnerability : CVE-2023-54084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstrea...
EUVD-2023-60361
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2023-54084
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2023-54084
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
UBUNTU-CVE-2023-54084
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2023-54084 ALSA: firewire-digi00x: prevent potential use after free
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2023-54084
CVE-2023-54084 concerns the Linux kernel where ALSA: firewire-digi00x could suffer a use-after-free. The issue occurs when init_stream() fails: instead of returning an error, the code frees dg00x->rx_stream and returns success, potentially leading to a use-after-free. The Connected documents p...
CVE-2023-54084 ALSA: firewire-digi00x: prevent potential use after free
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
EUVD-2025-205107
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
EUVD-2025-205108
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
CVE-2025-68347
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
AZL-73096 CVE-2025-68347 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...
CVE-2025-68346
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...