Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 2 Dec 2016 22:20:08 -0500
From: <cve-assign@...re.org>
To: <sploving1@...il.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>, <tiwai@...e.de>
Subject: Re: CVE request: -- Linux kernel: ALSA: use-after-free in,kill_fasync

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4
> https://patchwork.kernel.org/patch/8752621/

>> Currently kill_fasync() is called outside the stream lock in
>> snd_pcm_period_elapsed(). This is potentially racy, since the stream
>> may get released even during the irq handler is running.

>>> BUG: KASAN: use-after-free in kill_fasync

Use CVE-2016-9794.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYQjl+AAoJEHb/MwWLVhi20bIP/2YwMe+WkpAO/h+tumPCmFmh
hdZr5j+sGBqm+QajpvcMyRaSGr+5Jxby33NZVYiI7xOQsfRh7unL4+JqaDNvA0gU
HrCin7BtFCKYS8LqUW0y1T3/PkjBr69PJJoBADwhn7MyFQ8VqlBCUMaILVUygk5M
eSlyp3pl1KZblySC6KWEH+Lw+sfq+CaLH3Y1EPKcBqCwDPnib2cW7T9K6fYVBLnR
1uzPX54A+bdXAWpU3Qb9wz0QrzLwtsFRp0ue/FjJLJWNCPwGuU4q8QcSUsZ4IVgo
mYgZvWQs2sz5FJpL2TBFZ1Nx2ijx9WJrS26U02gUO3lhAc+8EkaW3TfvUFszWGsG
5CI1FExd5j/oxmUISP8YXcQoy1B5V9pzzXkiz1HKLxSu5hdGplpuvRm5z7OZ9x5I
hLwEH87wVhKYMofKFf90zJhOZYnQzmUe2Zs1Z4D1a1cKu7YT//lkQZytKmDKEceZ
Fj36LwBwnI8MhV8T7F1a/ejdkBw0h32VazVF3hRPHqTeF3FREvu137MHA/vOTVzh
+XsM+SJbKHkfzXEkxCisiuAluSkfOuWiyFuBAFiDHZYMMQAF7ZuOTwG+Zwu3BWUT
ex3w0SJ1mkcCjw2EKJFaUT6/oQ0FF0e7vkgauwP5wI9owxdc14qKuD1JGbANHUGs
8xXWBJWlploCCTgiYz7v
=XKyZ
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ