18 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field will not be set. As a result, sofipc4routesetup will cause a kernel error when attempting to...
EUVD-2025-209677
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...
CVE-2025-71286
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...
CVE-2025-71286
The CVE-2025-71286 issue concerns the Linux kernel’s ALSA SOF ipc4-topology component, where memory allocation for bytes controls was miscalculated. This could allow local memory corruption due to under-allocating space behind scontrol->ipc_control_data; fixes request allocating additional mem...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
SUSE CVE-2023-54233
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...
EUVD-2023-60408
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...
CVE-2023-54233
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...
UBUNTU-CVE-2023-54233
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...
CVE-2023-54233 ASoC: SOF: avoid a NULL dereference with unsupported widgets
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...
EUVD-2022-55292
Malicious code in bioql PyPI...
UBUNTU-CVE-2022-50016
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
UBUNTU-CVE-2022-50015
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...
SUSE CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
SUSE CVE-2025-21870
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name sname as the ALH copier and in that case the copier-data is NULL, no alhdata is attached, which could...
UBUNTU-CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
UBUNTU-CVE-2024-27057
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sofipc4pcmhwfree is invoked to reset the pipelines since during suspend the DSP is turned off, streams...
PT-2025-54062
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ASoC Advanced Linux Sound Architecture and SOF Sound Open Firmware subsystems. Specifically, the issue involves a potential NULL...