Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2022-1048

Updated: 2022-05-31 02:24:48.55752

Description:

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.9
CVSS Version 3.x HIGH 7

Status

OS name Project name Version Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 Needs triage 2022-05-11 13:11:48.801598
CentOS 8.4 ELS kernel 4.18.0-305.25.1 Needs triage 2022-05-11 13:11:54.421867
CentOS 8.5 ELS kernel 4.18.0-348.7.1 Needs triage 2022-05-11 13:11:53.310448
CloudLinux 6 ELS kernel 2.6.32 Needs triage 2022-05-11 13:11:49.705085
Oracle Linux 6 ELS kernel 2.6.32 Needs triage 2022-05-11 13:11:51.881036
Ubuntu 16.04 ELS linux 4.4.0 Needs triage 2022-05-11 13:11:50.650859