85 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fixed resource leaks during component removal. The MBHC resources must be released in case of component probe failures and removals; therefore, they cannot be tied to the lifetime of the component devic...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: For the hda codecs, do not unset the preset when cleaning up the codec. Several functions involved in the initialization and removal of codecs are reused by ASoC codec driver implementations. These drivers mimic the behavio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SDCA: Fixed errors in IRQ cleanup. IRQs are enabled through sdcairqpopulate from the component probe using devmrequestthreadedirq. However, this means that IRQs may persist if the sound card is removed. Some of the IRQ...
SUSE CVE-2026-43459
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
CVE-2026-43459
A flaw was found in the Linux kernel's sound subsystem ASoC. When a sound card is unbound while an audio stream is active, a timing issue can lead to a use-after-free vulnerability. This occurs because certain resources are freed before all pending operations are completed. A local attacker could...
EUVD-2026-28765
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
CVE-2026-43459
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
UBUNTU-CVE-2026-43459
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
CVE-2026-43459
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
CVE-2026-43459
CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...
PT-2026-39120
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA System on Chip ASoC core. When a sound card is unbound while a PCM stream is open, the close delayed work workqueue handler calls snd soc dapm...
CVE-2026-43095
A flaw was found in the Linux kernel's ASoC SDCA subsystem. This vulnerability involves improper cleanup of Interrupt ReQuests IRQs when a sound card is removed. This can lead to IRQ handlers attempting to access invalid memory, which may cause a system crash and result in a Denial of Service DoS...
CVE-2026-43095
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of devm in SDCA for handling IRQs. This can lead to the persistence of IRQs after the sou...
DEBIAN-CVE-2026-31581
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004207)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004207 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003879)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003879 advisory. go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak, aka...
EUVD-2023-60496
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...
Linux Distros Unpatched Vulnerability : CVE-2023-53842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied ...
EUVD-2023-60154
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is specifically needed ...