Lucene search
K

15 matches found

Cvelist
Cvelist
added 2026/05/28 9:36 a.m.33 views

CVE-2026-46184 sound: ua101: fix division by zero at probe

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

0.00128EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/01/29 7:8 p.m.3 views

CVE-2026-25068 alsa-lib 1.2.15.2 Topology Decoder Heap-based Buffer Overflow

alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without validating it...

4.6CVSS6AI score0.00191EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 2:45 p.m.12 views

CVE-2025-68258

CVE-2025-68258 is a Linux kernel vulnerability in the comedi driver, specifically multiq3_attach(), where crafted config options could cause long task timeouts. Syzbot observed that setting s->n_chan via it->options[2] could trigger repeated multiq3_encoder_reset() calls, delaying processin...

6AI score0.0018EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/10/02 8:7 a.m.4 views

dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees

...

5.5CVSS7AI score0.0014EPSS
Exploits0
CVE
CVE
added 2025/10/01 8:7 a.m.34 views

CVE-2025-39923

CVE-2025-39923 concerns the Linux kernel dmaengine/qcom BAM driver. The root cause was missing error handling in DT parsing for required properties (clock and num-channels), which could allow probing to proceed unsafely and read channels from registers, risking early boot crashes across Qualcomm ...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2025/10/01 8:7 a.m.10 views

CVE-2025-39923

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is on. This is often the case for remotely-controlled or remotely-power...

5.5CVSS5.5AI score0.0014EPSS
Exploits0
OSV
OSV
added 2025/09/16 1:15 p.m.14 views

AZL-67431 CVE-2025-39810 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix memory corruption when FW resources change during ifdown bnxtsetdfltrings assumes that it is always called before any TC has been created. So it doesn't take bp-numtc into account and assumes that it is always 0 or 1...

7.8CVSS5.6AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/16 1:0 p.m.12 views

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix memory corruption when FW resources change during ifdown bnxtsetdfltrings assumes that it is always called before any TC has been created. So it doesn't take bp-numtc into account and assumes that it is always 0 or 1...

5.8AI score0.00152EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 10:15 a.m.6 views

UBUNTU-CVE-2025-38013

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...

7.8CVSS6.3AI score0.00168EPSS
Exploits0References26
OSV
OSV
added 2024/05/21 3:15 p.m.24 views

CVE-2021-47286

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound...

7.8CVSS4.6AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/01/27 10:24 p.m.36 views

CVE-2021-3272

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components...

5.5CVSS1.6AI score0.01107EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2021/01/27 8:15 a.m.38 views

CVE-2021-3272

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components...

5.5CVSS6.8AI score0.01107EPSS
Exploits1References2
OSV
OSV
added 2017/05/02 2:59 p.m.1 views

DEBIAN-CVE-2017-8419

LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...

7.8CVSS9AI score0.0152EPSS
Exploits1References1
Prion
Prion
added 2013/11/23 6:55 p.m.13 views

Out-of-bounds

The aacdecodeinit function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access...

9.3CVSS6.8AI score0.03618EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2012/02/14 12:0 a.m.38 views

CVE-2012-0852

The adpcmdecodeframe function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via an ADPCM fil...

6.8CVSS6.2AI score0.02737EPSS
Exploits0References4
Rows per page
Query Builder