PT-2016-7823 · Linux+5 · Linux Kernel+5

Andrej Nemec

·

Publicado

2016-08-18

·

Atualizado

2023-01-17

·

CVE-2016-9794

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.7
Description The issue is related to a race condition in the snd pcm period elapsed function in the ALSA subsystem. This can be exploited by local users to cause a denial of service (use-after-free) or possibly have other unspecified impacts via a crafted SNDRV PCM TRIGGER START command.
Recommendations For Linux kernel versions prior to 4.7, update to version 4.7 or later to resolve the issue.

Correção

DoS

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALT-PU-2016-1862
ALT-PU-2016-2436
CESA-2016_2574
CVE-2016-9794
DLA-772-1
MGASA-2016-0429
MGASA-2017-0003
MGASA-2017-0004
OPENSUSE-SU-2016_3050-1
OPENSUSE-SU-2016_3058-1
OPENSUSE-SU-2016_3118-1
RHSA-2016:2574
RHSA-2016_2574
SUSE-SU-2016:3146-1
SUSE-SU-2016:3188-1
SUSE-SU-2016:3203-1
SUSE-SU-2016:3217-1
SUSE-SU-2016:3248-1
SUSE-SU-2016:3252-1
SUSE-SU-2017:0226-1
SUSE-SU-2017:0227-1
SUSE-SU-2017:0228-1
SUSE-SU-2017:0229-1
SUSE-SU-2017:0230-1
SUSE-SU-2017:0231-1
SUSE-SU-2017:0233-1
SUSE-SU-2017:0234-1
SUSE-SU-2017:0235-1
SUSE-SU-2017:0244-1
SUSE-SU-2017:0245-1
SUSE-SU-2017:0246-1
SUSE-SU-2017:0247-1
SUSE-SU-2017:0248-1
SUSE-SU-2017:0249-1
SUSE-SU-2017:0267-1
SUSE-SU-2017:0268-1
SUSE-SU-2017:0278-1
SUSE-SU-2017:0293-1
SUSE-SU-2017:0294-1
SUSE-SU-2017:0407-1
SUSE-SU-2017:1102-1
USN-3167-1
USN-3167-2
USN-3168-1
USN-3168-2
USN-3169-1
USN-3169-2
USN-3169-3
USN-3169-4

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu