CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000985 advisory. Use-after-free vulnerability in the sndpcminfo function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. Tenabl...

kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation

Use-after-free vulnerability in the sndpcminfo function in the ALSA subsystem in the Linux kernel allows attackers to induce a kernel memory corruption and possibly crash or lock up a system. Due to the nature of the flaw, a privilege escalation cannot be fully ruled out, although we believe it i...