670 matches found
CVE-2026-52963
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...
CVE-2026-52964
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...
CVE-2026-52964 ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...
CVE-2026-52964
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...
CVE-2026-52964
Summary of CVE-2026-52964 : A flaw in the Linux kernel’s ALSA USB-audio path (USB MIDI 2.0 endpoint parser) fails to validate descriptor lengths for the MIDI 2.0 endpoint, allowing a malformed device to cause out-of-bounds reads on baAssoGrpTrmBlkID[] due to walking endpoint extras before verifyi...
CVE-2026-52963
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...
CVE-2026-52963 ALSA: usb-audio: Bound MIDI endpoint descriptor scans
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...
CVE-2026-52963
CVE-2026-52963 affects the Linux kernel ALSA usb-audio code path, specifically the MIDI endpoint handling in snd_usbmidi_get_ms_info. The vulnerability arises when the descriptor walker returns a class-specific MIDI endpoint with bLength larger than the remaining bytes in the endpoint-extra scan,...
PT-2026-51857
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA usb-audio component where the snd usbmidi get ms info function fails to properly bound MIDI endpoint descriptor scans. While the function validates the intern...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed a race condition that could lead to UAF in sndusbmidifree. The previous commit 0718a78f6a9f “ALSA: usb-audio: Properly terminates the timer upon endpoint deletion” fixed an UAF issue caused by the error...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work when closing a MIDI substream When closing a USB MIDI output substream, there may still be pending work. This work would eventually access the rawmidi runtime object that is being released. To...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential memory leaks at the error handling path for UMP operations. The allocation and initialization errors in allocmidiurbs, which occur when the function is called during MIDI 2.0/UMP device operations...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Remove sndBUGON from sndusbmidioutputopen The function sndusbmidioutputopen includes a check for the NULL port, which involves calling sndBUGON. The use of sndBUGON was intended to prevent such issues from...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fixed a stack overflow issue in line6miditransmit. The issue was addressed by correctly calculating the available space, including the size of the buffer. This correction prevents a buffer overflow when multiple MIDI...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump – Buffer overflow in the MIDI 1.0 to UMP packet conversion The conversion function from MIDI 1.0 to UMP packets includes an internal buffer to store incoming MIDI bytes. The size of this buffer is 4 bytes, which was...
ROS-20260520-73-0045
A vulnerability in the Web MIDI device support Web MIDI interface of Google Chrome browsers is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
Striso Control Firmware 安全漏洞
Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the AuxJack function...
Striso Control Firmware 安全漏洞
Striso Control Firmware is an open-source MPE MIDI controller firmware developed by Striso. Version 54c9722 of Striso Control Firmware contains a security vulnerability, which stems from a buffer overflow in the ThreadReadButtons function...
KLA91053 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Codecs can be exploited remotely to execute arbitrary code. ...
KLA91012 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in media can be exploited remotely to execute...