Published: 28/06/2017 Updated: 24/02/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel up to and including 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
canonical ubuntu linux 14.04

Several security issues were fixed in the Linux kernel ...

The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midic in the Linux kernel through 4117 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability ...

The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midic in the Linux kernel before 413, 4950, 4499 and 4145 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fet ...

CWE-125 https://bugzilla.kernel.org/show_bug.cgi?id=196133 http://www.securityfocus.com/bid/99335 https://github.com/torvalds/linux/commit/20e2b791796bd68816fa115f12be5320de2b8021 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e2b791796bd68816fa115f12be5320de2b8021 https://usn.ubuntu.com/3754-1/https://nvd.nist.gov https://usn.ubuntu.com/3469-2/

CVE-2017-9985

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect