Updated: 2023-12-06
CWE: Unspecified
Description:
The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call.
CVSS3: 6.2
| OS | Vendor version | Errata |
|---|---|---|
| Ubuntu 14.04 | 3.13.0-83.127 | USN-2929-1 |
| Debian 8 | 3.16.7-ckt20-1+deb8u4 | DSA-3503-1 |
| OS | Original kernel version | State |
|---|---|---|
| Ubuntu 14.04 |
3.13.0-38.65
show all
hide all
3.13.0-53.88
3.13.0-39.66
3.13.0-65.106
3.13.0-57.95
3.13.0-37.64
3.13.0-49.83
3.13.0-68.111
3.13.0-59.98
3.13.0-71.114
3.13.0-67.110
3.13.0-70.113
3.13.0-76.120
3.13.0-41.70
3.13.0-36.63
3.13.0-44.73
3.13.0-49.81
3.13.0-46.75
3.13.0-40.69
3.13.0-33.58
3.13.0-73.116
3.13.0-43.72
3.13.0-51.84
3.13.0-62.102
3.13.0-54.91
3.13.0-45.74
3.13.0-46.76
3.13.0-46.77
3.13.0-53.87
3.13.0-55.94
3.13.0-62.101
3.13.0-64.104
3.13.0-66.107
3.13.0-69.112
3.13.0-75.119
3.13.0-40.68
3.13.0-52.86
3.13.0-61.100
3.13.0-72.115
3.13.0-65.105
3.13.0-77.121
3.13.0-32.57
3.13.0-46.79
3.13.0-58.97
3.13.0-74.118
3.13.0-34.60
3.13.0-35.62
3.13.0-48.80
3.13.0-52.85
3.13.0-63.103
3.13.0-66.108
3.13.0-55.92
3.13.0-53.89
3.13.0-79.123
|
Released |
| Debian 8 |
3.16.7-ckt11-1+deb8u1
show all
hide all
3.16.7-ckt9-3~deb8u1
3.16.7-ckt11-1+deb8u2
3.16.7-ckt20-1+deb8u2
3.16.7-ckt11-1+deb8u3
3.16.7-ckt11-1+deb8u4
3.16.7-ckt11-1+deb8u5
3.16.7-ckt20-1+deb8u3
3.16.7-ckt11-1+deb8u6
3.16.7-ckt11-1
3.16.7-ckt20-1+deb8u1
|
Released |
| Endurance 6 elrepo | |
Ready For Release |
| Debian 10 cloud | |
Will Not Fix |
| Debian 9 backports | |
Will Not Fix |