Alexander Sergeyev

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the use of memory after it has been freed in the ALSA sound subsystem of the Linux kernel. This is due to a problem with the registration and unregistration of LED class devices created by HD-audio codec drivers. The devres release does not work correctly in this case, leading to a NULL dereference or a use-after-free (UAF) for a stale set brightness delay callback. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.