oss-sec mailing list archives

Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265

From: Marcus Meissner <meissner () suse de>
Date: Wed, 11 Oct 2017 15:03:53 +0200

Hi folks,

This kernel issue is being published without embargoe.
(came via security () kernel org to Takashi@SUSE);

Reported by Michael23 Yu.

https://bugzilla.suse.com/show_bug.cgi?id=1062520

Proposed Patch:
http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html

A use-after-free window in /dev/snd/seq, Mitre has assigned CVE-2017-15265 to it.

Ciao, Marcus

Current thread:

Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265 Marcus Meissner (Oct 11)
- Re: Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265 Marcus Meissner (Oct 17)