20 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed potential RX buffer overflow issues. If an event causes the firmware to return an invalid RX size for LARGECONFIGGET, memcpyfromio might end up copying too many bytes. This issue was fixed by using mint...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38307)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38307 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returne...
CVE-2025-40338
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...
UBUNTU-CVE-2025-40344
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40344 ASoC: Intel: avs: Disable periods-elapsed work when closing PCM
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40338
CVE-2025-40338 is a Linux kernel vulnerability in ASoC: Intel avs where sharing the component name pointer could cause use-after-free during teardown. The fix duplicates the component name to prevent lifetime issues and updates the initialization/teardown order (noting that the config may pass a ...
EUVD-2022-55323
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return...
DEBIAN-CVE-2022-50325
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...
CVE-2022-50325 ASoC: Intel: avs: Fix potential RX buffer overflow
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...
CVE-2022-50325 ASoC: Intel: avs: Fix potential RX buffer overflow
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...
DEBIAN-CVE-2025-38307
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parseintarray The first element of the returned array stores its length. If it is 0, any manipulation beyond the element at index 0 ends with null-ptr-deref...
CVE-2025-38307
CVE-2025-38307 refers to a Linux kernel vulnerability in the ASoC: Intel: avs driver. The issue arises from how parse_int_array() returns content: the first element stores the array length, and if that length is 0, manipulating beyond index 0 can cause a null-ptr-deref. The vulnerability is trigg...
SUSE CVE-2022-50052
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow although it's...
UBUNTU-CVE-2025-37793
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in avscomponentprobe devmkasprintf returns NULL when memory allocation fails. Currently, avscomponentprobe does not check for this case, which results in a NULL pointer dereference...
CVE-2025-37793
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in avscomponentprobe devmkasprintf returns NULL when memory allocation fails. Currently, avscomponentprobe does not check for this case, which results in a NULL pointer dereference...
PT-2025-18473
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the ASoC: Intel: avs module. The devm kasprintf function returns NULL when memory allocation...
PT-2025-49797
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ASoC Advanced Linux Sound Architecture Intel avs Audio Video Stream component. Specifically, the avs dai fe shutdown function, responsible for shuttin...
SUSE-SU-2024:2785-1 Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Update to version 20240728: amdgpu: update DMCUB to v0.0.227.0 for DCN35 and DCN351 Revert 'iwlwifi: update ty/So/Ma firmwares for core89-58 release' linux-firmware: update firmware for MT7922 WiFi device linux-firmware: update firmware...
kernel: ASoC: Intel: avs: Fix potential RX buffer overflow
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...