Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 14 Feb 2016 12:57:44 -0500 (EST)
From: cve-assign@...re.org
To: carnil@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, benh@...ian.org
Subject: Re: CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7
> https://lkml.org/lkml/2016/2/13/11
> ALSA: usb-audio: avoid freeing umidi object twice
>
> The 'umidi' object will be free'd on the error path by snd_usbmidi_free()
> when tearing down the rawmidi interface. So we shouldn't try to free it
> in snd_usbmidi_create()

> sound/usb/midi.c
> snd_usbmidi_create
> 
> -   snd_usbmidi_free(umidi);

Use CVE-2016-2384.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWwL7rAAoJEL54rhJi8gl5aVwP/0NkRkHIt/v2RbQ3hDt/zD7S
gP6sasJfZV2T5GyqoCzqZ87gtgdBhgphX2YNS7s+BFwxvRHLmY9wXVYFpQgVzaNn
6mvSfz1rrWfjmpIAkcqWrH+LcDsXB4jfnRqu/n3VBPvm7dPdFDydNl87fqzzUxuE
mzOx+nJZu8fGfOJZCEQM1OCkGCOZwxNtH4XPdhkjuzfBrCUhWOKHwc2yfwsBcBv/
tsfthuJpffxLm3Dr3HFrkr9CJS/JPUBxNXZHYrHP359id2NZkoq2wp0i4y9DWhwg
ddHIEdeqO5U6gZB+WolAZL284O5WnVdbHzjZO4Gx6Ik240Ab5rQWmX4WJabSnDwf
pMr7k5LZWc4lWSE7vJ9Akrz0ZFkZsfqNaCV1RjitRgXQ+F4sm76PaQj/0vAieeaJ
38JOc4sDQYcvhRvMVjyNyAaaB78fdsoOGkwt7sZR7q+syUDkRaFdrNaeerYk+8Gx
ojPmweX0ELnw1taN/CwEfBJ6LDDBJfuZmYyPjABKjdaHIvAHzOdZRAez1HDdLX6C
9hDt/Zq4foSJdZsIpvwDUOUzmLf4tEkBofbQXtz/H7mVrcimNIHInvXHdwLxghop
XjflF9+S+3n0I+QsJ6p0mNQXm+O0+PiR7ppEZhTqt+GOCGWZEIzJoK4xz8cU0BAV
Xrgkzti6q4qA2mCEvj+H
=EO2f
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ