PT-2025-8478 · Linux+4 · Linux Kernel+4

Published

2022-05-25

·

Updated

2026-02-04

·

CVE-2022-49545

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A race condition in the Linux kernel's ALSA: usb-audio component could allow access to a rawmidi runtime object that is being released. This issue occurs when closing a USB MIDI output substream with pending work. The problem is resolved by canceling the pending work at closing.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

BDU:2026-01310
CESA-2023_2951
CVE-2022-49545
OPENSUSE-SU-2025_1263-1
RHSA-2022:8267
RHSA-2022_8267
RHSA-2023:2951
RHSA-2023_2951
SUSE-SU-2025:02075-1
SUSE-SU-2025:02087-1
SUSE-SU-2025:02090-1
SUSE-SU-2025:02095-1
SUSE-SU-2025:02096-1
SUSE-SU-2025:02098-1
SUSE-SU-2025:02101-1
SUSE-SU-2025:02124-1
SUSE-SU-2025:02131-1
SUSE-SU-2025:02132-1
SUSE-SU-2025:02135-1
SUSE-SU-2025:02136-1
SUSE-SU-2025:02138-1
SUSE-SU-2025:02139-1
SUSE-SU-2025:02140-1
SUSE-SU-2025:02145-1
SUSE-SU-2025:02146-1
SUSE-SU-2025:0983-1
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_0983-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1
SUSE-SU-2026:0385-1

Affected Products

Astra Linux
Centos
Linux Kernel
Red Hat
Suse