Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2023/04/05 7:42 p.m.4 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/04/05 2:8 p.m.11 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/27 8:13 a.m.10 views

ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...

7.9CVSS6.6AI score0.03702EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.6 views

The vulnerability of the `sndctl elem_add` function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the sndctl elemadd function in the Linux kernel’s sound/core/control.c file is related to the line count = info-owner, which may be processed with possible errors when calculating privatesize count. Exploiting this vulnerability could allow an attacker to execute arbitrary co...

5.9CVSS7AI score0.00511EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2020/04/12 9:25 p.m.43 views

CVE-2020-11725

sndctlelemadd in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-owner line, which later affects a privatesizecount multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...

7.5AI score0.00511EPSS
Exploits1References3
Veracode
Veracode
added 2019/01/15 8:59 a.m.35 views

Information Disclosure

Linux kernel-rt is vulnerable to information disclosure. A NULL pointer dereference in the sndctlelemusertlv function in sound/core/control.c allows a local privileged user to exploit the vulnerability to leak kernel memory to user space...

1.9CVSS5.6AI score0.00335EPSS
Exploits0References18Affected Software2
Prion
Prion
added 2014/07/03 4:22 a.m.30 views

Race condition

Race condition in the tlv handler functionality in the sndctlelemusertlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access...

1.9CVSS5.9AI score0.00335EPSS
Exploits0References15Affected Software6
Rows per page
Query Builder