Описание
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
A race condition was found in the Linux kernel's sound timer code in the snd_timer_user_read() function in the sound/core/timer.c file. An unprivileged attacker can exploit the race condition to cause an out-of-bound access which may lead to a system crash or other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 6 | kernel | Affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2016:2584 | 03.11.2016 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2016:2574 | 03.11.2016 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2017:0113 | 17.01.2017 |
Показывать по
Дополнительная информация
Статус:
3.6 Low
CVSS3
Связанные уязвимости
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
An elevation of privilege vulnerability in the kernel sound timer. Pro ...
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.
3.6 Low
CVSS3