Yasijop

**Name of the Vulnerable Software and Affected Versions** JACK2 versions 1.9.1 through 1.9.12 **Description** The issue is related to a "double file descriptor close" problem in the posix/JackSocket.cpp file of libjack in JACK2. This occurs during a failed connection attempt when jackd2 is not running. The exploitation success depends on the multithreaded timing of the double close, which can lead to unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file descriptor. **Recommendations** For JACK2 versions 1.9.1 through 1.9.12, consider updating to a version that contains a fix for this issue, as the current version may be prone to information disclosure, crashes, or file corruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.