Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2022-49253

CVE-2022-49253 affects the Linux kernel in the media: usb: go7007: s2250-board path, where a leak is fixed by calling i2c_unregister_device(audio) on the error path during probe. Connected sources (SUSE Astra Linux advisories) confirm the fix is in this area. The CVE description in the initial do...

CVE-2022-48701

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsi...

CVE-2022-48701

The CVE-2022-48701 issue is in the Linux kernel ALSA usb-audio driver: an out-of-bounds read can occur in __snd_usb_parse_audio_interface() when parsing a USB device (USB ID 0x04fa:0x4201) that has fewer than 4 interfaces. The fix is to validate the interface count before parsing. Public referenc...

CVE-2022-48701

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsi...

CVE-2022-48701 ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsi...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4439-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4439-1 advisory. It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An...

USN-4439-1 linux-gke-5.0, linux-oem-osp1 vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

USN-4439-1: Linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

Denial Of Service (DoS)

The kernel is vulnerable to denial of service DoS. It is due to buffer overflow flaws in sndusbcaiaqaudioinit and sndusbcaiaqmidiinit could allow a local, unprivileged user with access to a Native Instruments USB audio device to cause a denial of service or escalate their privileges...