14 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005037 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of sndseqtimeropen The timer instance per queue is exclusive, and...
CLSA-2025-1739292069 kernel: Fix of 13 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...
K03564319: Linux kernel vulnerability CVE-2018-7566
Security Advisory Description The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. CVE-2018-7566 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
SUSE CVE-2016-2543
The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...
PT-2024-11285 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition in the snd seq timer open function, where the timer instance per queue is exclusive, but concurrent accesses are not properly managed. This can...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service. Local users are able to exploit a race condition in the ALSA subsystem to crash the application via malicious /dev/snd/seq ioctl calls. The crash is a result of a use-after-free UAF bug in sndseqioctlcreateport...
kernel: Use-after-free in snd_seq_ioctl_create_port()
A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation...
kernel: race condition in snd_seq_write() may lead to UAF or OOB-access
ALSA sequencer core initializes the event pool on demand by invoking sndseqpoolinit when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, and this may lead to UAF or out-of-bound access...
kernel: Use-after-free in snd_seq_ioctl_create_port()
A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation...
Ubuntu: Security Advisory (USN-3631-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0990-1)
This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed : - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2 video driver bsc1085447. - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface for bridging...
kernel: Use-after-free in snd_seq_ioctl_create_port()
A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation...
CVE-2018-7566
The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user...
CVE-2018-7566
The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user...