Описание
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Отчет
Keeping the rating as Moderate, because this issue is hard to trigger and requires some permissions for accessing the sound card and only exists if a specific model of the sound card such as Intel 82801 or similar. The known reproducer works only for systems where the /dev/snd/pcmC0D1c device exists.
Меры по смягчению последствий
To mitigate this issue, prevent the module snd-pcm from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Will not fix | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:7444 | 08.11.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:7683 | 08.11.2022 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | kernel | Fixed | RHSA-2024:4107 | 26.06.2024 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | kernel | Fixed | RHSA-2024:4107 | 26.06.2024 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | kernel | Fixed | RHSA-2024:4107 | 26.06.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2022:8267 | 15.11.2022 |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel\u2019s sound subsy ...
Уязвимость звуковой подсистемы ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
7 High
CVSS3