CVE-2017-15265
CVE-2017-15265
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.htmlhttps://access.redhat.com/errata/RHSA-2018:0676https://access.redhat.com/errata/RHSA-2018:1062https://access.redhat.com/errata/RHSA-2018:1130https://access.redhat.com/errata/RHSA-2018:1170https://access.redhat.com/errata/RHSA-2018:2390https://access.redhat.com/errata/RHSA-2018:3822https://access.redhat.com/errata/RHSA-2018:3823https://bugzilla.suse.com/show_bug.cgi?id=1062520https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0