libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

SUSE CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

Linux Distros Unpatched Vulnerability : CVE-2026-49127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows...

CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

DEBIAN-CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

UBUNTU-CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

CVE-2026-49127 Music Player Daemon < 0.24.11 Stack Buffer Overflow via pcm_unpack_24be

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

CVE-2026-49127 Music Player Daemon < 0.24.11 Stack Buffer Overflow via pcm_unpack_24be

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

EUVD-2026-33000

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

Music Player Daemon 安全漏洞

Music Player Daemon is an open-source music playback daemon. Versions of Music Player Daemon prior to 0.24.11 contained a security vulnerability. This vulnerability stemmed from the pcmunpack24be function in src/pcm/Pack.cxx, which had a stack buffer overflow issue. This could allow unauthorized...

PT-2026-44494

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm unpack 24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

PT-2026-44280

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from data competition within the runtime.oss.trigger field in the ALSA pcm oss module, potentially...

SUSE CVE-2024-43822

In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devmkzalloc in pcmdevicei2cprobe The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devmkzalloc call failed at the beginning. This error code will...

CLSA-2026-1779694248 mpg123: Fix of CVE-2024-10573

CVE-2024-10573: Out-of-bounds write during PCM decoding of crafted streams could lead to heap corruption and potential arbitrary code execution; decode the MPEG header into a temporary copy that is only applied to the live handle after the frame body is validated upstream svn-r5442, main fix, and...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed a potential data race in the PCM memory allocation helpers The PCM memory allocation helpers include a sanity check to prevent too many buffer allocations. However, this check is performed without proper locking,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy read/writes and...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...