PT-2016-7823 · Linux+5 · Linux Kernel+5

Andrej Nemec

·

Published

2016-08-18

·

Updated

2023-01-17

·

CVE-2016-9794

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.7
Description The issue is related to a race condition in the snd pcm period elapsed function in the ALSA subsystem. This can be exploited by local users to cause a denial of service (use-after-free) or possibly have other unspecified impacts via a crafted SNDRV PCM TRIGGER START command.
Recommendations For Linux kernel versions prior to 4.7, update to version 4.7 or later to resolve the issue.

Fix

DoS

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALT-PU-2016-1862
ALT-PU-2016-2436
CESA-2016_2574
CVE-2016-9794
DLA-772-1
MGASA-2016-0429
MGASA-2017-0003
MGASA-2017-0004
OPENSUSE-SU-2016_3050-1
OPENSUSE-SU-2016_3058-1
OPENSUSE-SU-2016_3118-1
RHSA-2016:2574
RHSA-2016_2574
SUSE-SU-2016:3146-1
SUSE-SU-2016:3188-1
SUSE-SU-2016:3203-1
SUSE-SU-2016:3217-1
SUSE-SU-2016:3248-1
SUSE-SU-2016:3252-1
SUSE-SU-2017:0226-1
SUSE-SU-2017:0227-1
SUSE-SU-2017:0228-1
SUSE-SU-2017:0229-1
SUSE-SU-2017:0230-1
SUSE-SU-2017:0231-1
SUSE-SU-2017:0233-1
SUSE-SU-2017:0234-1
SUSE-SU-2017:0235-1
SUSE-SU-2017:0244-1
SUSE-SU-2017:0245-1
SUSE-SU-2017:0246-1
SUSE-SU-2017:0247-1
SUSE-SU-2017:0248-1
SUSE-SU-2017:0249-1
SUSE-SU-2017:0267-1
SUSE-SU-2017:0268-1
SUSE-SU-2017:0278-1
SUSE-SU-2017:0293-1
SUSE-SU-2017:0294-1
SUSE-SU-2017:0407-1
SUSE-SU-2017:1102-1
USN-3167-1
USN-3167-2
USN-3168-1
USN-3168-2
USN-3169-1
USN-3169-2
USN-3169-3
USN-3169-4

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu