Lucene search
K

235 matches found

OSV
OSV
added 3 days ago4 views

OESA-2026-2850 alsa-lib security update

The alsa-lib is a library to interface with ALSA in the Linux kernel and virtual devices using a plugin system. More detail: https://alsa.opensrc.org/Alsa-lib Security Fixes: The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in...

7CVSS6AI score0.00138EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 3 days ago4 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.2AI score0.00103EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

UBUNTU-CVE-2026-53350

In the Linux kernel, the following vulnerability has been resolved: ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup what it points to. When csdsp creates a control it calls...

5.7AI score0.00161EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.8 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.5 views

kernel: ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

7.8CVSS6AI score0.00113EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 6:16 a.m.8 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.8AI score0.00103EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary,...

5.5CVSS6AI score0.00127EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

UBUNTU-CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References10
CVE
CVE
added 2026/06/26 7:40 p.m.11 views

CVE-2026-53291

CVE-2026-53291 affects the Linux kernel ALSA hda/conexant driver. The root cause is the ignored return value from snd_hda_jack_detect_enable_callback() in cx_probe(); if the call fails, an error pointer is returned and not checked, potentially leading to a crash when jack events are handled. The ...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 6:29 p.m.9 views

CVE-2026-52963

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. The driver's handling of MIDI Musical Instrument Digital Interface endpoint descriptors did not properly bound scans, allowing it to read beyond the intended memory buffer. This out-of-bounds read coul...

5.5CVSS5.7AI score0.00184EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:32 a.m.6 views

CVE-2026-53192

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. A race condition can occur during the release of a timer object, specifically when the SNDRVTIMERIOCTLPARAMS ioctl is called concurrently. This can lead to a use-after-free vulnerability, potentially...

7.8CVSS6.4AI score0.00134EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52930

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA hda/conexant component where the cx probe function fails to verify the return value of snd hda jack detect enable callback. This function returns a pointer th...

5.7AI score0.00122EPSS
Exploits0References10
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.8AI score0.00127EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/22 6:16 p.m.2 views

UBUNTU-CVE-2026-56109

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS5.9AI score0.00138EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/22 3:58 p.m.6 views

EUVD-2026-38301

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS5.9AI score0.00138EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed negative period/buffer sizes The calculation of the period size in the OSS layer may generate a negative value as an error. However, the code there assumes only positive values and handles them using sizet. ...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: ump – Buffer overflow in the conversion of MIDI 1.0 messages to UMP packets The conversion function from MIDI 1.0 messages to UMP packets includes an internal buffer to store the incoming MIDI bytes. The size of this buffer...

7.8CVSS6.3AI score0.00205EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 11:39 a.m.8 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

7.8CVSS5.5AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 12:0 a.m.11 views

ALSA-2026:25217 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.5AI score0.00563EPSS
Exploits0References24
Rows per page
Query Builder