CVE-2026-43437

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture PCM Pulse Code Modulation subsystem. A local attacker could exploit a use-after-free vulnerability by triggering a race condition when closing a linked audio stream. This could lead to system instability, denial of...

CLSA-2026-1777947331 Fix CVE(s): CVE-2023-35945

SECURITY UPDATE: HTTP/2 memory leak in nghttp2 codec - debian/patches/CVE-2023-35945.patch: fix memory leak in nghttp2sessionmemsendinternal when stream close callback fails with a fatal error - CVE-2023-35945...

PT-2025-36468

Name of the Vulnerable Software and Affected Versions: EOL ASP.NET versions 6.0.0 through 6.0.36 EOL ASP.NET versions 8.0.0 through 8.0.8 EOL ASP.NET versions 9.0.0-preview.1.24081.5 through 9.0.0.RC.1 Description: A race condition may occur when closing an HTTP/3 stream while application code is...

CVE-2024-27057

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sofipc4pcmhwfree is invoked to reset the pipelines since during suspend the DSP is turned off, streams...

CVE-2019-13289

In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool...