CVE-2026-31619 ALSA: fireworks: bound device-supplied status before string array lookup

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efrstatusnames has 17 entries so a status value outside that range go...

EUVD-2026-25512

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efrstatusnames has 17 entries so a status value outside that range go...

PT-2026-34971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA fireworks component where the system fails to properly validate the status field in an EFW response. This field is a 32-bit value supplied by the firewire...

Linux Distros Unpatched Vulnerability : CVE-2020-5254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetHack before 3.6.6, some out-of-bound values for the hilitestatus option can be exploited. NetHack 3.6.6 resolves this issue. CVE-2020-5254 Note that Nessu...