CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

Linux Distros Unpatched Vulnerability : CVE-2026-43137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the...

kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

A flaw was found in the Linux kernel’s ASoC Intel bytcrrt5640 driver. When an invalid value is passed via the driver’s “quirk” input option, the driver merely logs an error and retains the invalid value, rather than correcting it. This can result in out-of-bounds OOB memory access...

kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

A flaw was found in the Linux kernel’s ASoC Intel bytcrrt5640 driver. When an invalid value is passed via the driver’s “quirk” input option, the driver merely logs an error and retains the invalid value, rather than correcting it. This can result in out-of-bounds OOB memory access...

Linux Distros Unpatched Vulnerability : CVE-2025-40344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed wor...

CVE-2025-40154 ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988886 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snddmafreepages when...

CVE-2022-50325

CVE-2022-50325 (Linux kernel) is detailed in connected documents as an ASoC: Intel avs issue, where firmware may return an invalid RX size for LARGE_CONFIG_GET, causing memcpy_fromio() to copy too many bytes. Root cause: RX size handling overflow in the RX buffer due to missing bounds check. Miti...

CVE-2025-38308 ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avsdaifindpathtemplate shall be verified before being used. As 'template' is already known when avshwconstraintsinit is fired, drop the search entirel...

DEBIAN-CVE-2022-50052

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...

kernel: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snddmafreepages when snddmaallocpages returns -ENOMEM because it leads to a NULL pointer dereference bug. The dmesg says: T1387 sof-audio-pci-intel-tgl...