201 matches found
UBUNTU-CVE-2022-50305
In the Linux kernel, the following vulnerability has been resolved: ASoC: sofes8336: fix possible use-after-free in sofes8336remove sofes8336remove calls canceldelayedwork. However, that function does not wait until the work function finishes. This means that the callback function may still be...
USN-7703-4 linux-gke, linux-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7719-1 linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-3 linux-oracle, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-2 linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gkeop, linux-ibm, linux-ibm-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-1 linux, linux-aws, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...
DEBIAN-CVE-2025-38438
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...
UBUNTU-CVE-2025-38438
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...
CVE-2025-38438
CVE-2025-38438 – Linux kernel ASoC: SOF: Intel: hda: devm_kstrdup() used to prevent memleak. The issue arises in sof_pdata->tplg_filename where memory allocated by kstrdup() could be overwritten, creating a memory leak detected by kmemleak. The vulnerability is specific to the SOF Intel HDA dr...
SUSE CVE-2025-38056
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix UAF when reloading module hdagenericmachineselect appends -idisp to the tplg filename by allocating a new string with devmkasprintf, then stores the string right back into the global variable...
UBUNTU-CVE-2022-50016
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
UBUNTU-CVE-2022-50115
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...
UBUNTU-CVE-2022-50015
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...
CVE-2022-50115
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...
CVE-2022-50051 ASoC: SOF: debug: Fix potential buffer overflow by snprintf()
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...
CVE-2022-50051
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...
CVE-2022-50050
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...
CVE-2025-38056
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix UAF when reloading module hdagenericmachineselect appends -idisp to the tplg filename by allocating a new string with devmkasprintf, then stores the string right back into the global variable...
PT-2025-25976 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential buffer overflow issue has been identified in the Linux kernel, specifically in the ASoC: SOF: Intel: hda component. The issue arises from the use of snprintf, which returns...