Lucene search
+L

202 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46179

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...

5.7AI score0.00122EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Added a NULL check for the normallink string. It is not guaranteed that all entries of struct sofconnstream declare a normallink a non-SOF, direct link string. This applies to SoCs that only support SO...

5.5CVSS6.2AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Intel: Fixed NULL pointer dereferencing when ENOMEM occurs. Do not call snddmafreepages when snddmaallocpages returns -ENOMEM, as this can lead to a NULL pointer dereferencing bug. The dmesg indicates the following:...

5.5CVSS6.3AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field will not be set. As a result, sofipc4routesetup will cause a kernel error when attempting to...

5.2AI score0.00156EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: ipc4-topology: Strengthen the loops for querying ALH copiers Other non-DAI copier widgets may have the same stream name sname as the ALH copier. In that case, copier-data will be NULL, and no alhdata will be attache...

5.5CVSS6.5AI score0.00177EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevents underflow in sofipc4prioritymaskdfswrite. The “id” field comes from the user. The type of this field should be changed to unsigned to prevent an array underflow...

7.8CVSS5.8AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction guide. It appears that we encounter TCP socket leaks in the...

6AI score0.00239EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/06 11:32 a.m.7 views

CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.217 views

📄 Samsung libimagecodec.quram.so Buffer Overflow / Denial of Service

This proof of concept demonstrates a denial of service vulnerability in Samsung's libimagecodec.quram.so JPEG decoder. By crafting a structurally valid JPEG file with maliciously large image dimensions height 65535, width 2862 in the SOF0 marker, the decoder performs unsafe size calculations duri...

7.5CVSS5.9AI score0.00223EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21847)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21847 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream...

5.5CVSS5.3AI score0.00204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2023-52663)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52663 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak ...

5.5CVSS6.8AI score0.00224EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004008)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004008 advisory. A memory leak in the sofsetgetlargectrldata function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory...

5.5CVSS6.4AI score0.00393EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003671 advisory. A memory leak in the sofdfsentrywrite function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory...

7.8CVSS6.9AI score0.03307EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent a jump to NULL for the addsidecar callback In the createsdwdailink function, it is checked that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if...

6AI score0.00193EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 7:18 p.m.5 views

Malicious code in kapvino-sof-vaids (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 993cd77bda3fed27d22b840d37fc7fe4d0a36a6dc8d99b3bee23673e850ae6fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.4 views

EUVD-2025-140965

Malicious code in kapvino-sof-vaids npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-140967

Malicious code in kapvino-sof-fidobi npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.6 views

EUVD-2025-140964

Malicious code in kapvino-sof-vais npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.4 views

EUVD-2025-140968

Malicious code in kapvino-sof-fidbi npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-140970

Malicious code in kapvino-sof-fidabi npm...

6.6AI score
Exploits0
Rows per page
Query Builder