Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alsa vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2009-0035
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.
Alsa-project Alsa
8.1
CVSSv3
CVE-2019-13351
posix/JackSocket.cpp in libjack in JACK2 1.9.1 up to and including 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multith...
Jackaudio Jack2
Alsa-project Alsa
NA
CVE-2005-0087
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for malicious users to execute arbitrary code if there are other vulnerabilities in the library.
Alsa-project Alsa-lib 1.0.6
Redhat Enterprise Linux 4.0
8.8
CVSSv3
CVE-2017-3576
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur...
Oracle Vm Virtualbox
1 EDB exploit
NA
CVE-2007-4571
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel prior to 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small coun...
Linux Linux Kernel
1 EDB exploit
7.8
CVSSv3
CVE-2017-4915
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
Vmware Workstation Player 12.0.0
Vmware Workstation Pro 12.0.0
2 EDB exploits
NA
CVE-2021-47096
In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. Th...
7.8
CVSSv3
CVE-2017-7369
In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.
Google Android
NA
CVE-2021-47211
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding...
7.8
CVSSv3
CVE-2012-6703
Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel prior to 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »