CVE-2025-38438 ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...

PT-2025-30852

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ASoC SOF Intel HDA driver. The sof pdata-tplg filename variable, allocated using kstrdup, can be overwritten, leading to a memory leak. Thi...

CVE-2024-51565

The hda driver is vulnerable to a buffer over-read from a guest-controlled value...

CVE-2024-51565

The CVE-2024-51565 entry corresponds to a vulnerability in the bhyve hypervisor’s hda driver, described as a buffer over-read triggered by a guest-controlled value. The FreeBSD security advisory confirms this as one of multiple bhyve issues and notes the impact: potential DoS of the bhyve host an...

CVE-2024-51565 bhyve(8) hda driver buffer over-read

The hda driver is vulnerable to a buffer over-read from a guest-controlled value...

CVE-2024-51565 bhyve(8) hda driver buffer over-read

The hda driver is vulnerable to a buffer over-read from a guest-controlled value...

PT-2024-34709 · Unknown +1 · Hda Driver +1

Name of the Vulnerable Software and Affected Versions: hda driver affected versions not specified Description: The issue concerns a buffer over-read in the hda driver, which is triggered by a guest-controlled value. This allows for potential exploitation. No information is provided about the...

AZL-47546 CVE-2024-41037 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hwparamsuponresume. On Intel platforms with HDA DMA used to manage the link DMA, this leads to call...

CVE-2023-52806

CVE-2023-52806 concerns the Linux kernel ALSA hda subsystem. The description in the initial document notes a possible NULL pointer dereference when an AudioDSP stream is assigned, specifically when a COUPLED stream is inadvertently accepted despite drivers using HOST or LINK types. The connected ...

CVE-2024-23196

A race condition was found in the Linux kernel's sound/hda device driver in the sndhdacregmapsync function. This issue can result in a NULL pointer dereference issue, possibly leading to kernel panic and local denial of service issues...

PT-2022-33765 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue is related to a potential buffer overflow caused by the snprintf function in the ASoC: SOF: Intel: hda driver. The actual impact and attack plausibility have not yet been proven...