30 matches found
AlmaLinux 10 : kernel (ALSA-2026:2721)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2721 advisory. kernel: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans CVE-2023-53034 kernel: Linux kernel erofs: Use-After-Free due to device type...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper calculation of the number of frames in the USB audio driver, potentially leading to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002554)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002554 advisory. The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active state while the assigned...
SUSE CVE-2025-40269
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer The PCM stream data in USB-audio driver is transferred over USB URB packet buffers, and each packet size is determined dynamically. The packet sizes are limited by so...
EUVD-2024-51822
Malicious code in bioql PyPI...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an out-of-bounds read in Linux kernel's USB Audio driver [CVE-2024-53150]
Summary IBM Watson Speech Services Cartridge is vulnerable to an out-of-bounds read in Linux kernel's USB Audio driver, due to a failure to check bLength of each descriptor at traversing for clock descriptors CVE-2024-53150. Linux kernel's USB Audio driver is used in our speech microservices. Thi...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Linux Kernel Out-of-Bounds Read Vulnerability
Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information...
Linux Kernel Out-of-Bounds Access Vulnerability
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code...
kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...
Azure Linux 3.0 Security Update: kernel (CVE-2024-53150)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53150 advisory. - In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads...
Linux Distros Unpatched Vulnerability : CVE-2024-53150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio...
Linux Distros Unpatched Vulnerability : CVE-2016-2184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to...
CVE-2024-53150
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...
CVE-2024-53150
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...
CVE-2024-53150 ALSA: usb-audio: Fix out of bounds reads when finding clock sources
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...
CVE-2024-53150
The CVE-2024-53150 issue affects the Linux kernel USB-audio (ALSA: usb-audio). The root cause is that the driver does not validate the bLength field of descriptors while traversing clock-related descriptors, allowing a bogus shorter descriptor to cause out-of-bounds reads. The public patch adds s...
CVE-2024-53150 ALSA: usb-audio: Fix out of bounds reads when finding clock sources
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...
USN-4163-2: Linux kernel (Xenial HWE) vulnerabilities
USN-4163-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a race condition existed in the ARC EMAC ethernet driver for th...