7 matches found
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...
The vulnerability of the `sndctl elem_add` function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the sndctl elemadd function in the Linux kernel’s sound/core/control.c file is related to the line count = info-owner, which may be processed with possible errors when calculating privatesize count. Exploiting this vulnerability could allow an attacker to execute arbitrary co...
CVE-2020-11725
sndctlelemadd in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-owner line, which later affects a privatesizecount multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...
Information Disclosure
Linux kernel-rt is vulnerable to information disclosure. A NULL pointer dereference in the sndctlelemusertlv function in sound/core/control.c allows a local privileged user to exploit the vulnerability to leak kernel memory to user space...
Race condition
Race condition in the tlv handler functionality in the sndctlelemusertlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access...