Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003269 advisory. It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...

Linux Distros Unpatched Vulnerability : CVE-2018-10902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...

SUSE CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

SUSE CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1539)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: MIDI driver race condition leads to a double-free

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0044)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net ...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1539)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution ...

Oracle Linux 6 : kernel (ELSA-2019-0415)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0415 advisory. 2.6.32-754.11.1.OL6 - Update genkey bug 25599697 2.6.32-754.11.1 - x86 mm/fault: Allow stack access below rsp Waiman Long 1644401 - sound alsa: rawmidi: Change...

USN-3847-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities

It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4300)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4300 advisory. - udf: Check component length before reading it Jan Kara Orabug: 21193696 CVE-2014-9728 - udf: Verify isize when loading inode Shan Hai Orabug:...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4299)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4299 advisory. - xfs: don't call xfsdashrinkinode with NULL bp Eric Sandeen Orabug: 28898616 CVE-2018-13094 - ALSA: rawmidi: Change resized buffers atomically...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2860-1)

This update for the Linux Kernel 4.4.103-9256 fixes several issues. The following security issues were fixed : CVE-2018-5390: Prevent very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming TCP packet which can lead to a denial of service bsc1102682. CVE-2018-1000026:...

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

Double free

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

DEBIAN-CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

CVE-2018-10902

CVE-2018-10902 is a Linux kernel local privilege-escalation flaw in the raw MIDI driver. The issue arises from a race on concurrent access in the snd_rawmidi_ioctl() path (snd_rawmidi_input_params and snd_rawmidi_output_status), causing a double-free/double-realloc in the rawmidi.c handler. Explo...

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...

CVE-2018-10902

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...