Published: 28/12/2016 Updated: 17/01/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel prior to 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Debian Bug report logs - #770492 linux-image-3160-4-686-pae: chown removes securitycapability xattr on other users' files (CVE-2015-1350) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: wireshark-common, iputils-ping, fping Reported by: Ben Harris <bjh21@cama ...

A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely ...

Several security issues were fixed in the kernel ...

CWE-362 CWE-416 https://patchwork.kernel.org/patch/8752621/https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4 https://bugzilla.redhat.com/show_bug.cgi?id=1401494 http://www.openwall.com/lists/oss-security/2016/12/03/2 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4 http://www.securityfocus.com/bid/94654 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html https://source.android.com/security/bulletin/2017-05-01 http://rhn.redhat.com/errata/RHSA-2016-2574.html https://access.redhat.com/errata/RHSA-2016:2574 https://nvd.nist.gov https://usn.ubuntu.com/3167-1/https://access.redhat.com/security/cve/cve-2016-9794

CVE-2016-9794

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect