Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-4655

Опубликовано: 18 июн. 2014
Источник: redhat
CVSS2: 3.8
EPSS Низкий

Описание

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.

Отчет

This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelAffected
Red Hat Enterprise Linux 6kernelFixedRHSA-2014:139213.10.2014
Red Hat Enterprise Linux 7kernelFixedRHSA-2014:197109.12.2014
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2014:108320.08.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1113445Kernel: ALSA: control: use-after-free in replacing user controls

EPSS

Процентиль: 10%
0.00038
Низкий

3.8 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-4655

ubuntu
почти 11 лет назад

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

nvd логотип

CVE-2014-4655

nvd
почти 11 лет назад

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

debian логотип

CVE-2014-4655

debian
почти 11 лет назад

The snd_ctl_elem_add function in sound/core/control.c in the ALSA cont ...

github логотип

GHSA-2vv7-7crh-jr74

github
около 3 лет назад

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.

oracle-oval логотип

ELSA-2014-3083

oracle-oval
больше 10 лет назад

ELSA-2014-3083: Unbreakable Enterprise kernel Security update (IMPORTANT)

EPSS

Процентиль: 10%
0.00038
Низкий

3.8 Low

CVSS2