Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added missing error checks to ctlget The ctlget functions that call scarlett2update did not check the return value. This issue has been fixed by adding error checks and passing the return value to the caller...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a missing error check to scarlett2usbsetconfig. The scarlett2usbsetconfig function calls scarlett2usbget, but did not check the result. If this function fails, an error is returned instead of continuing wit...

5.5CVSS5.5AI score0.00232EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 11:55 p.m.11 views

CVE-2026-43436

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB-audio driver, specifically within the Scarlett2 mixer quirk. A local attacker could exploit this vulnerability by providing a specially crafted, malformed USB descriptor. This could lead to a NULL dereference in the...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 3:16 p.m.4 views

UBUNTU-CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.29 views

CVE-2026-43436 ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

0.00123EPSS
Exploits0References6
CVE
CVE
added 2026/05/08 2:22 p.m.24 views

CVE-2026-43436

The CVE-2026-43436 vulnerability affects the Linux kernel ALSA USB-audio driver (Scarlett2 mixer quirk). A malformed USB descriptor can trigger a NULL dereference in scarlett2_find_fc_interface() due to assuming an endpoint exists. The patch adds a sanity check for bNumEndpoints and skips invalid...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a...

5.5CVSS6.2AI score0.00123EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23078

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2usbgetconfig function has a logic error in the endianness conversion code that can cause buffer overflows when count 1. The code checks if size == 2 where size...

7.8CVSS6AI score0.00143EPSS
Exploits0References25
OSV
OSV
added 2026/02/04 4:8 p.m.4 views

CVE-2026-23078 ALSA: scarlett2: Fix buffer overflow in config retrieval

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2usbgetconfig function has a logic error in the endianness conversion code that can cause buffer overflows when count 1. The code checks if size == 2 where size...

7.8CVSS5.6AI score0.00143EPSS
Exploits0References9
EUVD
EUVD
added 2026/02/04 4:8 p.m.5 views

EUVD-2026-5465

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2usbgetconfig function has a logic error in the endianness conversion code that can cause buffer overflows when count 1. The code checks if size == 2 where size...

5.6AI score0.00143EPSS
Exploits0References4
NVD
NVD
added 2025/08/22 4:15 p.m.15 views

CVE-2025-38629

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...

5.5CVSS0.00143EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/22 4:0 p.m.20 views

CVE-2025-38629 ALSA: usb: scarlett2: Fix missing NULL check

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...

0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/08/22 4:0 p.m.10 views

CVE-2025-38629 ALSA: usb: scarlett2: Fix missing NULL check

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/22 4:0 p.m.5 views

CVE-2025-38629

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...

5.5CVSS5.3AI score0.00143EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.7 views

The vulnerability of the scarlett2 component in the Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability of the scarlett2 component in the Linux operating system is related to improper error handling in the scarlett2usbsetconfig function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00232EPSS
Exploits0References26Affected Software4
OSV
OSV
added 2024/08/09 11:8 a.m.4 views

OESA-2024-1964 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 "s390/qeth: fix deadlock during recovery" removed taking disciplinemutex inside qethdoreset,...

7.8CVSS6.3AI score0.00308EPSS
Exploits0References71
OSV
OSV
added 2024/05/17 3:15 p.m.2 views

DEBIAN-CVE-2023-52689

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2meterctlget uses meterlevelmap, the datamutex should be locked while accessing it...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 3:15 p.m.1 views

DEBIAN-CVE-2023-52674

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp in scarlett2mixerctlput Ensure the value passed to scarlett2mixerctlput is between 0 and SCARLETT2MIXERMAXVALUE so we don't attempt to access outside scarlett2mixervalues...

5.5CVSS5.5AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 3:15 p.m.2 views

UBUNTU-CVE-2023-52674

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp in scarlett2mixerctlput Ensure the value passed to scarlett2mixerctlput is between 0 and SCARLETT2MIXERMAXVALUE so we don't attempt to access outside scarlett2mixervalues...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References16
OSV
OSV
added 2024/05/17 3:15 p.m.3 views

UBUNTU-CVE-2023-52689

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2meterctlget uses meterlevelmap, the datamutex should be locked while accessing it...

5.5CVSS6.6AI score0.00155EPSS
Exploits0References5
Rows per page
Query Builder