Updated: 2026-02-08 04:15:09.715253
Description:
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper lock and the allocation isn't serialized; this allows user to allocate more memories than predefined max size. Practically seen, this isn't really a big problem, as it's more or less some "soft limit" as a sanity check, and it's not possible to allocate unlimitedly. But it's still better to address this for more consistent behavior. The patch covers the size check in do_alloc_pages() with the card->memory_mutex, and increases the allocated size there for preventing the further overflow. When the actual allocation fails, the size is decreased accordingly.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | MEDIUM | 6.3 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 6.3 | MEDIUM | In Testing | 2026-01-27 14:57:18 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 6.3 | MEDIUM | Ignored | 2026-02-09 20:32:43 | - The flaw exists only in the ALSA PCM buffer-allocation helpers and is reachable only when sound dr... | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 6.3 | MEDIUM | In Testing | 2026-02-02 15:01:00 |