CVE-2024-44954 - Ubuntu Linux Kernel ALSA Line6 Race Condition

2 months ago 29
ARTICLE AD BOX
CVE ID : CVE-2024-44954
Published : Sept. 4, 2024, 7:15 p.m. | 24 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below (so put as reported-by here). This patch protects the midibuf call of the former code path with a spinlock for avoiding the possible races.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article