First published: Mon Dec 05 2016(Updated: )
A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. References: <a href="https://patchwork.kernel.org/patch/8752621/">https://patchwork.kernel.org/patch/8752621/</a> Upstream patch: <a href="https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4">https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4</a> CVE-ID request+assign: <a href="http://seclists.org/oss-sec/2016/q4/575">http://seclists.org/oss-sec/2016/q4/575</a>
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <3.2.85 | |
Linux Linux kernel | >=3.3<3.10.105 | |
Linux Linux kernel | >=3.11<3.12.69 | |
Linux Linux kernel | >=3.13<3.16.40 | |
Linux Linux kernel | >=3.17<3.18.52 | |
Linux Linux kernel | >=3.19<4.4.37 | |
Linux Linux kernel | >=4.5<4.7 | |
Google Android | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.