2569 matches found
CVE-2022-50115 ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...
CVE-2022-50115
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...
CVE-2022-50016 ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
CVE-2022-50016
CVE-2022-50016 concerns the Linux kernel ASoC SOF Intel cnl driver. The issue arises when an IPC reply is processed before the FW_READY message, risking a NULL pointer dereference because reply_data is allocated only after FW_READY. The description notes this condition was observed with IPC4 firm...
CVE-2022-50016
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
CVE-2022-50016 ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
CVE-2022-50015
CVE-2022-50015 : In the Linux kernel ASoC: SOF Intel hda-ipc, there is a vulnerability where a firmware could send a reply before the FW_READY message. Since reply_data is allocated after FW_READY, this can cause a NULL pointer dereference. The issue was reported for IPC4 and the same condition e...
CVE-2022-50015 ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...
CVE-2022-50015
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability...