Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002735 advisory. sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition,...

Oracle Linux 8 : kernel (ELSA-2020-3010)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3010 advisory. - vfio vfio/pci: Fix SR-IOV VF handling with MMIO blocking Alex Williamson 1837309 1837310 CVE-2020-12888 - x86 kvm: Clean up host's steal time structu...

kernel: use-after-free in sound/core/timer.c

A memory flaw was found in the ALSA subsystem of the Linux kernel. The struct sndtimerinstance function fails the timer-maxinstances check leading to an invalid address. This could lead to a use-after-free vulnerability...

CVE-2019-19807

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to sndtimeropen and sndtimercloselocked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a...

CVE-2019-19807

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to sndtimeropen and sndtimercloselocked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a...

Linux Kernel 'sound/core/timer.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in Linux Kernel 'sound/core/timer.c', which results in a local user being able to read information belonging to other users...

CVE-2016-4578

A vulnerability was found in Linux kernel. There is an information leak in file sound/core/timer.c of the latest mainline Linux kernel. The stack object “r1” has a total size of 32 bytes. Its field “event” and “val” both contain 4 bytes padding. These 8 bytes padding bytes are sent to user withou...

Security update for the Linux Kernel (important)

The openSUSE 13.2 kernel was updated to fix various bugs and security issues. The following security bugs were fixed: - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and...

Linux kernel information disclosure vulnerability (CNVD-2016-03218)

Linux kernel is an open source operating system. A security vulnerability exists in Linux kernel sound/core/timer, which allows local attackers to exploit the vulnerability to obtain sensitive information...