Lucene search
Redhat.comRH:CVE-2024-26654HistoryApr 01, 2024 - 9:26 a.m.
CVE-2024-26654
2024-04-0109:26:08
redhat.com
access.redhat.com
11
alsa
linux kernel
vulnerability
uaf bugs
pcm sync_stop
A vulnerability was found in the ALSA sh driver of Linux Kernel, when the snd_pcm_substream closes and deallocates aica_channel, which can still be accessed by the spu_dma_work scheduled by dreamcastcard->timer and del_timer() returns directly, allowing the worker thread to be rescheduled during timer handling potentially leads to an Use-After-Free.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Related
nvd
nvd
CVE-2024-26654
2024-04-01 09:15:51
ubuntucve
ubuntucve
CVE-2024-26654
2024-04-01 00:00:00
cvelist
cvelist
CVE-2024-26654 ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
2024-04-01 08:35:19
debiancve
debiancve
CVE-2024-26654
2024-04-01 09:15:51
cve
cve
CVE-2024-26654
2024-04-01 09:15:51
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0141)
2024-04-23 00:00:00
Mageia: Security Advisory (MGASA-2024-0142)
2024-04-23 00:00:00
Debian: Security Advisory (DSA-5658-1)
2024-04-15 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-04-23 04:20:56
osv
osv
linux - security update
2024-04-13 00:00:00
linux-aws, linux-gcp vulnerabilities
2024-06-07 18:49:30
linux-oem-6.8 vulnerabilities
2024-06-10 19:28:08
nessus
nessus
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)
2024-06-25 00:00:00
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)
2024-06-25 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-06-11 00:00:00
Linux kernel vulnerabilities
2024-06-14 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39