CVE-2025-37805

CVE-2025-37805 (Linux kernel) : The issue arises in sound/virtio (virtio_snd) during probe/remove sequences, where uninitialized sub-structures could trigger cancel_work_sync on an uninitialized work_struct, leading to a warning trace in kernel/workqueue.c. The fix (as discussed in the connected ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability in the ALSA:pcm:oss module...

SUSE CVE-2017-11311

soundlib/Loadpsm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples...

CVE-2019-19807

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to sndtimeropen and sndtimercloselocked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a...

DEBIAN-CVE-2017-9986

The intr function in sound/oss/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "doub...

kernel: Information leak in Linux sound module in timer.c

A vulnerability was found in Linux kernel. There is an information leak in file "sound/core/timer.c" of the latest mainline Linux kernel, the stack object “tread” has a total size of 32 bytes. It contains a 8-bytes padding, which is not initialized but sent to user via copytouser, resulting a...

kernel: Information leak in Linux sound module in timer.c

A vulnerability was found in Linux kernel. There is an information leak in file "sound/core/timer.c" of the latest mainline Linux kernel, the stack object “tread” has a total size of 32 bytes. It contains a 8-bytes padding, which is not initialized but sent to user via copytouser, resulting a...

Linux kernel sound module information disclosure vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the sound module of the Linux kernel, which stems from a program's failure to initialize the padding bytes in the 'tread' sta...

CVE-2016-2548

sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...