ROS-20260407-73-0021

A vulnerability in the sound/usb/validate.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVE-2026-23089

CVE-2026-23089 is a Linux-kernel issue in ALSA USB-audio: use-after-free in snd_usb_mixer_free() when mixer creation fails, causing freed mixer control memory to be referenced by callbacks during card registration. The connected advisories confirm the root cause and state the fix is to remove all...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001144)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001144 advisory. The sndusbcreatestreams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003778)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003778 advisory. checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003600)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003600 advisory. parseaudiomixerunit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. Tenable has extract...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003715)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003715 advisory. checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Tenable has extracted the preceding...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003704 advisory. An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function buildaudioprocunit in the file sound/usb/mixer.c. Tenable h...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000340 advisory. checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000479 advisory. An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function buildaudioprocunit in the file sound/usb/mixer.c. Tenable h...

EUVD-2019-6831

Malware in sbrugna...

SUSE CVE-2017-16529

The sndusbcreatestreams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...

The vulnerability in the sound/usb/mixer.c component of the Linux operating system, which occurs when the operation exceeds the permissible buffer data limits, allows an attacker to access confidential information or cause service failures.

The vulnerability in the sound/usb/mixer.c component of the Linux kernel is related to the operation of pushing data beyond the buffer’s allowed limits. Exploiting this vulnerability can allow an attacker to access confidential information or cause service failures...

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution. The vulnerability exists through an out-of-bounds access in the function buildaudioprocunit in the file sound/usb/mixer.c...

CentOS 8 : kernel (CESA-2019:2703)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2703 advisory. - kernel: Use-after-free in sound/usb/card.c:usbaudioprobe CVE-2018-19824 - kernel: Count overflow in FUSE request leading to use-after-free issues...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists through a null pointer dereference in the sound/usb/line6/pcm.c...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: Use-after-free in sound/usb/card.c:usb_audio_probe()

A flaw was found In the Linux kernel, through version 4.19.6, where a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usbaudioprobe in sound/usb/card.c. An attacker could corrupt memory and possibly...

RHEL 8 : kernel (RHSA-2019:2703)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2703 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Heap overflow in...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-3819: A flaw was fixed in the function hiddebugeventsread in drivers/hid/hid-debug.c file which may have enter an infinite loop with certain parameters...

Linux kernel out-of-bounds access vulnerability (CNVD-2019-31652)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds access vulnerability exists in the buildaudioprocunit function in sound/usb/mixer.c in versions of Linux kernel prior to 4.20.2. No details of the...