Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-1048
HistoryMar 25, 2022 - 12:00 a.m.

CVE-2022-1048

2022-03-2500:00:00
ubuntu.com
ubuntu.com
30
linux kernel sound subsystem
use-after-free
local user privilege escalation

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

A use-after-free flaw was found in the Linux kernel’s sound subsystem in
the way a user triggers concurrent calls of PCM hw_params. The hw_free
ioctls or similar race condition happens inside ALSA PCM for other ioctls.
This flaw allows a local user to crash or potentially escalate their
privileges on the system.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-191.202UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-124.140UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-35.36UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1139.150UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1083.90UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1009.11UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1083.90~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1139.150~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1089.94UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1008.9UNKNOWN
Rows per page:
1-10 of 551

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%