SUSE CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

CVE-2025-71286

A flaw was found in the Linux kernel, specifically within the Advanced Linux Sound Architecture ALSA Sound Open Firmware SOF ipc4-topology component. An incorrect calculation of memory allocation size for bytes controls can occur. This memory allocation error could lead to memory corruption,...

CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

CVE-2025-71286 ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

Linux Distros Unpatched Vulnerability : CVE-2025-71286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect allocation of byte control data in the ipc4-topology module of the SOF audio driver...

CVE-2023-54233

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...

Linux Distros Unpatched Vulnerability : CVE-2023-54233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then...

EUVD-2023-59733

Malicious code in bioql PyPI...

CVE-2022-50016

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

CVE-2022-50016 ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

CVE-2022-50015 ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...

CVE-2022-50015

CVE-2022-50015 : In the Linux kernel ASoC: SOF Intel hda-ipc, there is a vulnerability where a firmware could send a reply before the FW_READY message. Since reply_data is allocated after FW_READY, this can cause a NULL pointer dereference. The issue was reported for IPC4 and the same condition e...

CVE-2022-50015 ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...

CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

CVE-2023-52987 ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write()

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

CVE-2023-52987

CVE-2023-52987 affects the Linux kernel ASoC SOF component: ipc4-mtrace code path. The vulnerability arises from an underflow in sof_ipc4_priority_mask_dfs_write() caused by using a signed id that should be unsigned, leading to an array underflow. The available connected documents consistently st...

CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

AZL-62845 CVE-2025-21870 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name sname as the ALH copier and in that case the copier-data is NULL, no alhdata is attached, which could...