PT-2018-1071 · Linux+5 · Linux Kernel+5

Published

2018-01-11

·

Updated

2024-06-15

·

CVE-2018-1000004

CVSS v2.0

7.1

High

VectorAV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6 through 4.12
Description A race condition issue exists in the sound system of the Linux kernel, potentially leading to a deadlock and denial of service condition. The vulnerability is related to the snd seq write and snd seq ioctl set client pool functions in the sound subsystem, which can cause errors due to multithreading issues. This can be exploited by a remote attacker to cause a denial of service.
Recommendations For Linux kernel versions 2.6 through 4.12, consider disabling the sound system or restricting access to the vulnerable functions snd seq write and snd seq ioctl set client pool to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2018-1452
ALT-PU-2018-1453
BDU:2018-00414
CESA-2018_1062
CESA-2018_2390
CVE-2018-1000004
DLA-1369-1
DSA-4187-1
MGASA-2018-0187
MGASA-2018-0264
MGASA-2018-0265
OPENSUSE-SU-2018_0408-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2018:0654
RHSA-2018:0676
RHSA-2018:1062
RHSA-2018:2390
RHSA-2018_0676
RHSA-2018_1062
RHSA-2018_2390
RHSA-2019:1483
RHSA-2019:1487
SUSE-SU-2018:0383-1
SUSE-SU-2018:0416-1
SUSE-SU-2018:0437-1
SUSE-SU-2018:0482-1
SUSE-SU-2018:0525-1
SUSE-SU-2018:0555-1
SUSE-SU-2018:0660-1
SUSE-SU-2018:0841-1
SUSE-SU-2018:0986-1
SUSE-SU-2018:0988-1
SUSE-SU-2018:0989-1
SUSE-SU-2018:0992-1
SUSE-SU-2018:0993-1
SUSE-SU-2018:0994-1
SUSE-SU-2018:0995-1
SUSE-SU-2018:0996-1
SUSE-SU-2018:0997-1
SUSE-SU-2018:0999-1
SUSE-SU-2018:1000-1
SUSE-SU-2018:1001-1
SUSE-SU-2018:1004-1
SUSE-SU-2018:1005-1
SUSE-SU-2018:1006-1
SUSE-SU-2018:1007-1
SUSE-SU-2018:1008-1
SUSE-SU-2018:1009-1
SUSE-SU-2018:1010-1
SUSE-SU-2018:1011-1
SUSE-SU-2018:1012-1
SUSE-SU-2018:1013-1
SUSE-SU-2018:1014-1
SUSE-SU-2018:1015-1
SUSE-SU-2018:1018-1
SUSE-SU-2018:1019-1
SUSE-SU-2018:1020-1
SUSE-SU-2018:1021-1
SUSE-SU-2018:1022-1
SUSE-SU-2018:1023-1
SUSE-SU-2018:1024-1
SUSE-SU-2018:1025-1
SUSE-SU-2018:1027-1
SUSE-SU-2018:1028-1
SUSE-SU-2018:1029-1
SUSE-SU-2018:1031-1
SUSE-SU-2018:1032-1
SUSE-SU-2018:1033-1
SUSE-SU-2018:1034-1
USN-3631-1
USN-3631-2
USN-3798-1
USN-3798-2

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu