AZL-70627 CVE-2025-38105 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active state while the assigned...

SUSE CVE-2018-20961

In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190226)

Security Fixes : - kernel: MIDI driver race condition leads to a double-free CVE-2018-10902 Bug Fixes : - Previously backported upstream patch caused a change in the behavior of page fault handler. As a consequence, applications compiled through GNU Compiler Collection GCC version 4.4.7 sometimes...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2019:0415 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3847-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3847-1 advisory. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker cou...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3776-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3776-2 advisory. USN-3776-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Linux Kernel Double Release Vulnerability (CNVD-2018-17431)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of the raw midi kernel driver to protect against simultaneous access. A local attacker...

kernel: double-free in usb-audio triggered by invalid USB descriptor

A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. An attacker with physical access to the system could use this flaw to escalate their privileges...

Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-2930-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2930-2 advisory. Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local...

Ubuntu 12.04 LTS : linux vulnerability (USN-2928-1)

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. Note that Tenable Network Security has...