Vulnerabilities

CVE-2014-4653

by Fred · 02/07/2014

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.

Date published : 2014-07-02

http://www.securityfocus.com/bid/68164

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fd9f26e4eca5d08a27d12c0933fceef76ed9663d

Similar

Tags: Cybersecurity Alert