Vulnerability Details : CVE-2017-15265
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2017-15265
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-15265
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-15265
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST | |
|
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST | |
|
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2017-15265
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-15265
-
https://access.redhat.com/errata/RHSA-2018:3822
RHSA-2018:3822 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026
kernel/git/torvalds/linux.git - Linux kernel source treeIssue Tracking;Patch;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2017/10/11/3
oss-security - Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265Mailing List;Patch;Third Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8
Release Notes;Vendor Advisory
-
https://usn.ubuntu.com/3698-2/
USN-3698-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://bugzilla.suse.com/show_bug.cgi?id=1062520
Bug 1062520 – VUL-1: CVE-2017-15265: kernel: Use-after-free in /dev/snd/seqIssue Tracking;Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/101288
Linux kernel CVE-2017-15265 Use After Free Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://www.oracle.com/security-alerts/cpujul2020.html
Oracle Critical Patch Update Advisory - July 2020Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1130
RHSA-2018:1130 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://usn.ubuntu.com/3698-1/
USN-3698-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2390
RHSA-2018:2390 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
Security fixes in StruxureWare Data Center Expert v7.6.0 - User assistance for StruxureWare Data Center Expert 7.x - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, and NetBotzThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
[SECURITY] [DLA 1200-1] linux security updateMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:0676
RHSA-2018:0676 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:3823
RHSA-2018:3823 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Oracle Critical Patch Update - April 2019Patch;Third Party Advisory
-
http://www.securitytracker.com/id/1039561
Linux Kernel Use-After-Free Memory Error in ALSA Sequencer Interface Lets Local Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2018:1062
RHSA-2018:1062 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026
ALSA: seq: Fix use-after-free at creating a port · torvalds/linux@7110599 · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://source.android.com/security/bulletin/2018-02-01
Android Security Bulletin—February 2018 | Android Open Source ProjectThird Party Advisory
-
http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
[alsa-devel] [PATCH] ALSA: seq: Fix use-after-free at creating a portMailing List;Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:1170
RHSA-2018:1170 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Jump to