PT-2026-44280

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A data race exists in the ALSA PCM OSS component when accessing the runtime.oss.trigger field. Because this field is a bit field, concurrent access without protection can cause writes to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from data competition within the runtime.oss.trigger field in the ALSA pcm oss module, potentially...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010892)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010892 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986391 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Limit the period size to 16MB Set the practical limit to the period size the...

EUVD-2025-18575

Malicious code in bioql PyPI...

EUVD-2022-54934

Malicious code in bioql PyPI...

CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

DEBIAN-CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

CVE-2025-38078

CVE-2025-38078 affects the Linux kernel ALSA PCM OSS path. A race in buffer-clearing during initialization/reconfiguration could access a potentially freed runtime->dma_area, risking a use-after-free. The mitigation moved the silence-buffer operation into the PCM core and synchronized it under...

CVE-2025-38078 ALSA: pcm: Fix race of buffer access at PCM OSS layer

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

CVE-2025-38078 ALSA: pcm: Fix race of buffer access at PCM OSS layer

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer access contention condition in the PCM OSS layer that could lead to reuse after release...

UBUNTU-CVE-2022-49733

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...

CVE-2022-49733

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...

CVE-2022-49292

In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...

CVE-2022-49292 ALSA: oss: Fix PCM OSS buffer allocation overflow

In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...

CVE-2021-47511

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with sizet. Due to that, a to...

PT-2022-34647 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: A race condition exists in the ALSA pcm oss module. The issue is related to the SNDCTL DSP SYNC control. The actual impact and attack plausibility have not yet been proven. Recommendations:...