Lucene search
+L

306 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices The getmeterlevelsfromurb function parses the 64-byte meter packets sent by the device and fills the per-channel arrays meterlevel, complevel, and masterlevel in the struct...

5.9AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: mixer: OSS: Add card disconnect checkpoints The ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might not always be detected when the device is disconnected. To avoid potential UAF...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in alsa-lib

Versions of alsa-lib from 1.2.2 up to and including 1.2.15.2, prior to the release of 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without...

4.6CVSS7.2AI score0.00191EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems, but the controls that were previously added to the card still reference the freed memory. Later, when...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a NULL pointer dereference in sndusbmixercontrolsbadd In sndusbcreatestreams, for UAC version 3 devices, the Interface Association Descriptor IAD is retrieved via usbifnumtoif. If this call fails, a fallbac...

5.9AI score0.00171EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/06/09 1:20 p.m.15 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-23271: perf: Fix perfeventoverflow vs perfremovefromcontext race bsc1260018. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261638...

8.8CVSS5.6AI score0.00563EPSS
Exploits28References38
Ubuntu
Ubuntu
added 2026/06/09 9:23 a.m.12 views

USN-8044-2: alsa-lib vulnerability

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology fil...

4.6CVSS5.8AI score0.00191EPSS
Exploits0
OSV
OSV
added 2026/06/09 9:23 a.m.9 views

USN-8044-2 alsa-lib vulnerability

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology fil...

4.6CVSS5.8AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.1 : alsa-lib (EulerOS-SA-2026-2118)

According to the versions of the alsa-lib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topolog...

4.6CVSS5.5AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.12.1 : alsa-lib (EulerOS-SA-2026-2068)

According to the versions of the alsa-lib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topolog...

4.6CVSS5.6AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.12.0 : alsa-lib (EulerOS-SA-2026-2093)

According to the versions of the alsa-lib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topolog...

4.6CVSS5.5AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.13.0 : alsa-lib (EulerOS-SA-2026-2157)

According to the versions of the alsa-lib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topolog...

4.6CVSS5.5AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/mdp5: The return error code in mdp5piperelease occurs when a deadlock is detected. mdp5getglobalstate runs the risk of encountering an -EDEADLK error when acquiring the modeset lock. Currently, mdp5piperelease does not...

5.5CVSS6.5AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a clamp function in scarlett2mixerctlput Ensured that the value passed to scarlett2mixerctlput is between 0 and SCARLETT2MIXERMAXVALUE, so that attempts to access elements outside of scarlett2mixervalues ar...

5.5CVSS6.2AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: ac97 – Fixed a possible NULL dereference in sndac97mixer. Smatch error: sound/pci/ac97/ac97codec.c:2354; sndac97mixer error: We previously assumed that ‘rac97’ could be null see line 2072. Removed redundant assignments;...

5.5CVSS5.7AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers during parsing of Scarlett2 mixer interfaces The Scarlett2 mixer has a quirky behavior in the USB-audio driver; it may encounter a NULL dereference when a malformed USB descriptor is passed...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.13 views

SUSE CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.7AI score0.00123EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28742

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.8AI score0.00123EPSS
Exploits0References7
NVD
NVD
added 2026/05/08 3:16 p.m.17 views

CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.5CVSS0.00123EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.12 views

CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
Rows per page
Query Builder