Overview
- Description
- A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
- Source
- cve-coordination@google.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Known exploits
Data from CISA
- Vulnerability name
- Linux Kernel Use-After-Free Vulnerability
- Exploit added on
- Mar 30, 2023
- Exploit action due
- Apr 20, 2023
- Required action
- Apply updates per vendor instructions.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E245BC6C-44BD-47D1-A03D-9FE1F29BB25A",
"versionEndExcluding": "4.14.303",
"versionStartIncluding": "4.14"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F",
"versionEndExcluding": "4.19.270",
"versionStartIncluding": "4.15"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0C0D95E-414A-445E-941B-3EF6A4D3A093",
"versionEndExcluding": "5.4.229",
"versionStartIncluding": "4.20"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05D31FC-BD74-4F9E-B1D8-9CED62BE6F65",
"versionEndExcluding": "5.10.163",
"versionStartIncluding": "5.5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D71B7395-3263-46DE-9341-53C437B49ADF",
"versionEndExcluding": "5.15.88",
"versionStartIncluding": "5.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04212AC4-FF1E-4F38-8AE9-53E2A69A00DC",
"versionEndExcluding": "6.1.6",
"versionStartIncluding": "5.16"
}
],
"operator": "OR"
}
]
}
]