CVE-2022-1048
Updated: 2022-05-31 02:24:48.55752
Description:
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
| Links | NIST | CIRCL | RHEL | Ubuntu |
Severity
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.9 |
| CVSS Version 3.x | HIGH | 7 |
Status
| OS name | Project name | Version | Status | Errata | Last updated |
|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | Needs triage | 2022-05-11 13:11:48.801598 | |
| CentOS 8.4 ELS | kernel | 4.18.0-305.25.1 | Needs triage | 2022-05-11 13:11:54.421867 | |
| CentOS 8.5 ELS | kernel | 4.18.0-348.7.1 | Needs triage | 2022-05-11 13:11:53.310448 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | Needs triage | 2022-05-11 13:11:49.705085 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | Needs triage | 2022-05-11 13:11:51.881036 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | Needs triage | 2022-05-11 13:11:50.650859 |