Lucene search
K

1480 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper function to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm. From kcontrol, we will receive a NULL...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: q6apm: moved component registration to unmanaged version The q6apm component registers DAIS dynamically from ASoC toplology. These resources are allocated using device-managed API methods. Assigning both components...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to continue. Previously,...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use the IRQ domain for USB Type-C devices. While the idea of adapting the driver to utilize the hierarchy of IRQ chips is correct from a design perspective, the implementation contains flaws. This issue wa...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 3:16 a.m.31 views

CVE-2025-66664

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 3:16 a.m.34 views

CVE-2025-66660

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:42 a.m.21 views

EUVD-2025-209877

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 2:42 a.m.22 views

CVE-2025-66660

CVE-2025-66660 affects the TEE SOC Driver. Root cause: insufficient parameter sanitization that could let an attacker issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT, causing incorrect shared memory mapping and potentially leading to unexpected behavior. Exploitation is described as local ...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:41 a.m.6 views

CVE-2025-66664

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS5.8AI score0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 2:41 a.m.52 views

CVE-2025-66664

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:41 a.m.40 views

CVE-2026-0428

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 2:41 a.m.9 views

CVE-2026-0428

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:41 a.m.11 views

EUVD-2026-30500

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.17 views

PT-2026-41259

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV COPY VF CHIPLET REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 3:8 p.m.22 views

CVE-2026-43478

The CVE-2026-43478 issue affects the Linux kernel ASoC codecs rt1011 path. The root cause is using an incorrect helper to obtain the DAPM context in spk_mode_put; the correct function is snd_soc_component_to_dapm() and relying on the kcontrol flow can yield a NULL pointer. Provided connected sour...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.7AI score0.00113EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of error checking in the clock acquisition process within ASoC and acp-mach-common. This...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.9 views

When the Ruler Is Broken: Parsing-Induced Suppression in LLM-Based Security Log Evaluation

LLM-based SOC log classifiers are commonly evaluated using regular-expression pipelines that extract structured fields from free-form model output. We demonstrate that this practice introduces a class of silent, systematic evaluation errors, which we term parsing-induced suppression that can caus...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.9 views

CVE-2026-43108

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's reason field due which we could observe decoding error on PD crash...

5.7AI score0.00114EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/06 7:40 a.m.16 views

CVE-2026-43095

In CVE-2026-43095, the Linux kernel ASoC SDCA subsystem fixes an IRQ cleanup flaw. IRQs are currently enabled via sdca_irq_populate() from component probe using devm_request_threaded_irq(), which can cause IRQs to persist after a sound card teardown. Some IRQ handlers hold references to the card ...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder