Описание
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Use-after-free vulnerability in the snd_pcm_info() function in the ALSA subsystem in the Linux kernel allows attackers to induce a kernel memory corruption and possibly crash or lock up a system. Due to the nature of the flaw, a privilege escalation cannot be fully ruled out, although we believe it is unlikely.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2018:2390 | 14.08.2018 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2018:3096 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2018:3083 | 30.10.2018 |
| Red Hat Enterprise Linux 7.5 Extended Update Support | kernel | Fixed | RHSA-2020:0036 | 07.01.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Use-after-free vulnerability in the snd_pcm_info function in the ALSA ...
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
Security update for the Linux Kernel (Live Patch 29 for SLE 12)
EPSS
7 High
CVSS3