Lucene search
+L

643 matches found

OSV
OSV
added 3 days ago2 views

SUSE-SU-2026:2955-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: - CVE-2026-31685: netfilter: ip6teui64: reject invalid MAC header for all packets bsc1263670. - CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on...

9.8CVSS6.1AI score0.00563EPSS
Exploits4References15
OSV
OSV
added 3 days ago2 views

SUSE-SU-2026:2945-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9.8CVSS6.7AI score0.00563EPSS
Exploits8References49
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.7 views

kernel: ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

7.8CVSS6AI score0.00113EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and...

7.8CVSS5.5AI score0.00138EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.9 views

Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)

...

7.8CVSS5.8AI score0.00273EPSS
Exploits0
NVD
NVD
added 2026/06/25 9:16 a.m.17 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS0.00138EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.19 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS5.7AI score0.00138EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.31 views

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS0.00138EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.17 views

PT-2026-52337

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA PCM component where the snd pcm drain function causes wait queue list corruption on linked streams. The function uses init waitqueue entry, which fails to cle...

7.8CVSS6AI score0.00138EPSS
Exploits0References20
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop – Fixedracy access during PCM trigger events The PCM trigger callback of the aloop driver attempts to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both the check and...

7.8CVSS6.1AI score0.00113EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Qemu

An integer overflow vulnerability was discovered in the virtio-snd device through PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was a buffer overflow vulnerability in the MS-ADPCM and IMA-ADPCM decoders, due to unchecked predictor and stepindex values from input data. This vulnerability has been fixed in version 3.24.0...

9.4CVSS6.3AI score0.00263EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...

6AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2026/06/22 11:16 p.m.11 views

CVE-2026-54233

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to 14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0...

6.5CVSS0.00243EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 5:16 p.m.15 views

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS0.00102EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:23 p.m.27 views

CVE-2026-3195

CVE-2026-3195 : In QEMU’s virtio-snd, the heap buffer overflow occurs in the input callback (virtio_snd_pcm_in_cb) due to an incomplete bounds/iov check. The Attackerkb entry reiterates that the function does not verify whether the iov can fit the data buffer, enabling a heap out-of-bounds write....

7.4CVSS5.8AI score0.00126EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 4:23 p.m.45 views

CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS0.00102EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:23 p.m.60 views

CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:23 p.m.7 views

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References3Affected Software6
Rows per page
Query Builder