[SRU][Trusty][PATCH 0/1] Fix for CVE-2017-15265
Kleber Sacilotto de Souza
kleber.souza at canonical.com
Thu Jun 7 23:28:55 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15265.html
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8
allows local users to cause a denial of service (use-after-free) or
possibly have unspecified other impact via crafted /dev/snd/seq ioctl
calls, related to sound/core/seq/seq_clientmgr.c and
sound/core/seq/seq_ports.c.
Only Trusty is currently affected. Backport was needed only for context
ajustment.
Takashi Iwai (1):
ALSA: seq: Fix use-after-free at creating a port
sound/core/seq/seq_clientmgr.c | 6 +++++-
sound/core/seq/seq_ports.c | 7 +++++--
2 files changed, 10 insertions(+), 3 deletions(-)
--
2.17.0
More information about the kernel-team
mailing list