Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work when closing a MIDI substream When closing a USB MIDI output substream, there may still be pending work. This work would eventually access the rawmidi runtime object that is being released. To...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001266 advisory. It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002538)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002538 advisory. It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990856 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from bo...

EUVD-2022-54687

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For...

Linux Distros Unpatched Vulnerability : CVE-2021-47096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the...

UBUNTU-CVE-2022-49545

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fixed race conditions related to access to midibuf. There can be concurrent accesses to line6’s midibuf from both the URB completion callback and the rawmidi API. This could trigger KMSAN warnings triggered by...

The vulnerability of the rawmidi component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the rawmidi component in the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20241011-01

A vulnerability in the NFSD component of the Linux operating system kernel is related to a READDIR buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the dbgfs component of the Linux operating system kernel is related to...

CLSA-2024-1726609578 kernel: Fix of 8 CVEs

blktrace: fix dereference after null check CVE-2019-19768 - blktrace: Protect q-blktrace with RCU CVE-2019-19768 - blktrace: fix unlocked access to init/start-stop/teardown - blktrace: Fix potential deadlock between delete & sysfs ops - net: fix out-of-bounds access in opsinit CVE-2024-36883 -...

SUSE CVE-2024-44954

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below so pu...

DEBIAN-CVE-2024-44954

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below so pu...

UBUNTU-CVE-2024-44954

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below so pu...

Linux Kernel 5.6.13 Use-After-Free Exploit

Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...

CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

DEBIAN-CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...