53 matches found
kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()
A race condition was found in the Linux kernel's sound timer code in the sndtimeruserread function in the sound/core/timer.c file. An unprivileged attacker can exploit the race condition to cause an out-of-bound access which may lead to a system crash or other unspecified impact. Due to the natur...
kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()
A race condition was found in the Linux kernel's sound timer code in the sndtimeruserread function in the sound/core/timer.c file. An unprivileged attacker can exploit the race condition to cause an out-of-bound access which may lead to a system crash or other unspecified impact. Due to the natur...
kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()
A race condition was found in the Linux kernel's sound timer code in the sndtimeruserread function in the sound/core/timer.c file. An unprivileged attacker can exploit the race condition to cause an out-of-bound access which may lead to a system crash or other unspecified impact. Due to the natur...
DEBIAN-CVE-2016-4578
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the 1 sndtimeruserccallback and 2 sndtimerusertinterrupt...
DEBIAN-CVE-2016-4569
The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface...
CVE-2016-4578
CVE-2016-4578 affects the Linux kernel’s ALSA timer subsystem (snd_timer_user_ccallback and snd_timer_user_tinterrupt). The provided sources confirm a local information leak: if the snd_timer interfaces are used, uninitialized r1 data can be read from kernel stack memory, enabling a local attacke...
CVE-2016-4569
The sndtimeruserparams function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface...
CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...
DEBIAN-CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...
Design/Logic Flaw
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...
UBUNTU-CVE-2016-2547
sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
UBUNTU-CVE-2016-2546
sound/core/timer.c in the Linux kernel before 4.4.1 uses an incorrect type of mutex, which allows local users to cause a denial of service race condition, use-after-free, and system crash via a crafted ioctl call...
UBUNTU-CVE-2016-2548
sound/core/timer.c in the Linux kernel before 4.4.1 retains certain linked lists after a close or stop action, which allows local users to cause a denial of service system crash via a crafted ioctl call, related to the 1 sndtimerclose and 2 sndtimerstop functions...