Page 18 of 3169 results (0.009 seconds)

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. • https://git.kernel.org/stable/c/230cd5e24853ed4dd960461989b8ed0986d37a99 https://git.kernel.org/stable/c/24fe9f7ca83ec9acf765339054951f5cd9ae5c5d https://git.kernel.org/stable/c/befcca1777525e37c659b4129d8ac7463b07ef67 https://git.kernel.org/stable/c/7bd8838c0ea886679a32834fdcacab296d072fbe https://git.kernel.org/stable/c/e07605d855c4104d981653146a330ea48f6266ed https://git.kernel.org/stable/c/ffbfc6c4330fc233698529656798bee44fea96f5 https://git.kernel.org/stable/c/e869642a77a9b3b98b0ab2c8fec7af4385140909 https://git.kernel.org/stable/c/dafb28f02be407e07a6f679e922a62659 •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. The loop of us122l->mmap_count check is dropped as well. The check is useless for the asynchronous operation with *_when_closed(). • https://git.kernel.org/stable/c/030a07e441296c372f946cd4065b5d831d8dc40c https://git.kernel.org/stable/c/020cbc4d7414f0962004213e2b7bc5cc607e9ec7 https://git.kernel.org/stable/c/75f418b249d84021865eaa59515d3ed9b75ce4d6 https://git.kernel.org/stable/c/bf0aa35a7cb8602cccf2387712114e836f65c154 https://git.kernel.org/stable/c/9a48bd2184b142c92a4e17eac074c61fcf975bc9 https://git.kernel.org/stable/c/bc778ad3e495333eebda36fe91d5b2c93109cc16 https://git.kernel.org/stable/c/2938dd2648522336133c151dd67bb9bf01cbd390 https://git.kernel.org/stable/c/9b27924dc8d7f8a8c35e521287d4ccb9a •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. This patch also splits the code to the disconnect and the free phases; the former is called immediately at the USB disconnect callback while the latter is called from the card destructor. • https://git.kernel.org/stable/c/523f1dce37434a9a6623bf46e7893e2b4b10ac3c https://git.kernel.org/stable/c/3993edf44d3df7b6e8c753eac6ac8783473fcbab https://git.kernel.org/stable/c/ebad462eec93b0f701dfe4de98990e7355283801 https://git.kernel.org/stable/c/4dd821dcbfcecf7af6a08370b0b217cde2818acf https://git.kernel.org/stable/c/cadf1d8e9ddcd74584ec961aeac14ac549b261d8 https://git.kernel.org/stable/c/237f3faf0177bdde728fa3106d730d806436aa4d https://git.kernel.org/stable/c/4507a8b9b30344c5ddd8219945f446d47e966a6d https://git.kernel.org/stable/c/dd0de8cb708951cebf727aa045e8242ba •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback. • https://git.kernel.org/stable/c/c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 https://git.kernel.org/stable/c/74357d0b5cd3ef544752bc9f21cbeee4902fae6c https://git.kernel.org/stable/c/273eec23467dfbfbd0e4c10302579ba441fb1e13 https://git.kernel.org/stable/c/f2d06d4e129e2508e356136f99bb20a332ff1a00 https://git.kernel.org/stable/c/b889a7d68d7e76b8795b754a75c91a2d561d5e8c https://git.kernel.org/stable/c/ea8cc56db659cf0ae57073e32a4735ead7bd7ee3 https://git.kernel.org/stable/c/b754e831a94f82f2593af806741392903f359168 https://git.kernel.org/stable/c/0df7f4b5cc10f5adf98be0845372e9eef •

CVSS: -EPSS: 0%CPEs: 10EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child() Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/4980 CPU: 0 UID: 0 PID: 4980 Comm: kbnepd bnep0 Not tainted 6.12.0-rc4-00161-gae90f6a6170d #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x100/0x190 ? device_for_each_child+0x18f/0x1a0 print_report+0x13a/0x4cb ? __virt_addr_valid+0x5e/0x590 ? __phys_addr+0xc6/0x150 ? device_for_each_child+0x18f/0x1a0 kasan_report+0xda/0x110 ? • https://git.kernel.org/stable/c/53d61daf35b1bbf3ae06e852ee107aa2f05b3776 https://git.kernel.org/stable/c/ba7088769800d9892a7e4f35c3137a5b3e65410b https://git.kernel.org/stable/c/87624b1f9b781549e69f92db7ede012a21cec275 https://git.kernel.org/stable/c/56a4fdde95ed98d864611155f6728983e199e198 https://git.kernel.org/stable/c/a85fb91e3d728bdfc80833167e8162cce8bc7004 https://git.kernel.org/stable/c/5c53afc766e07098429520b7677eaa164b593451 https://git.kernel.org/stable/c/3c4236f1b2a715e878a06599fa8b0cc21f165d28 https://git.kernel.org/stable/c/fc666d1b47518a18519241cae213de1ba •