67 matches found
CVE-2026-45258 Multiple vulnerabilities in the sound(4) mmap path
dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length wrapped around and passed the check. The offset was then narrowed from 64 to 32 bits when converted to ...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
EUVD-2026-38042
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: Intel: sofsdw – handling errors during card registration. If card registration fails, usually due to deferred probes, the device properties added for headset codecs are not removed, which leads to kernel errors during...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Intel: Fixed NULL pointer dereferencing when ENOMEM occurs. Do not call snddmafreepages when snddmaallocpages returns -ENOMEM, as this can lead to a NULL pointer dereferencing bug. The dmesg indicates the following:...
USN-8180-6 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
TencentOS Server 4: qemu (TSSA-2026:0167)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0167 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
PT-2026-27666
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ASoC ALSA System on Chip subsystem, specifically in the SDCA Simple Device Configuration Architecture component. The find sdca entity iot...
EUVD-2019-15102
Malware in sbrugna...
EUVD-2019-19095
Malware in sbrugna...
EUVD-2018-11499
Malware in sbrugna...
EUVD-2024-20715
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-7566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. CVE-2018-7566 Note that...
CVE-2019-9730
Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an unpublished API...
Linux Distros Unpatched Vulnerability : CVE-2024-23196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition was found in the Linux kernel's sound/hda device driver in sndhdacregmapsync function. This can result in a null pointer dereference issue,...
UBUNTU-CVE-2024-50011
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...
CVE-2024-23196
A race condition was found in the Linux kernel's sound/hda device driver in sndhdacregmapsync function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue...
SUSE CVE-2018-19824
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usbaudioprobe in sound/usb/card.c...