Executive Summary

Informations
Name CVE-2022-49291 First vendor Publication 2025-02-26
Vendor Cve Last vendor Modification 2025-03-25

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

ALSA: pcm: Fix races among concurrent hw_params and hw_free calls

Currently we have neither proper check nor protection against the concurrent calls of PCM hw_params and hw_free ioctls, which may result in a UAF. Since the existing PCM stream lock can't be used for protecting the whole ioctl operations, we need a new mutex to protect those racy calls.

This patch introduced a new mutex, runtime->buffer_mutex, and applies it to both hw_params and hw_free ioctl code paths. Along with it, the both functions are slightly modified (the mmap_count check is moved into the state-check block) for code simplicity.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49291

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 7
Os 3527

Sources (Detail)

https://git.kernel.org/stable/c/0090c13cbbdffd7da079ac56f80373a9a1be0bf8
https://git.kernel.org/stable/c/0f6947f5f5208f6ebd4d76a82a4757e2839a23f8
https://git.kernel.org/stable/c/1bbf82d9f961414d6c76a08f7f843ea068e0ab7b
https://git.kernel.org/stable/c/33061d0fba51d2bf70a2ef9645f703c33fe8e438
https://git.kernel.org/stable/c/92ee3c60ec9fe64404dc035e7c41277d74aa26cb
https://git.kernel.org/stable/c/9cb6c40a6ebe4a0cfc9d6a181958211682cffea9
https://git.kernel.org/stable/c/a42aa926843acca96c0dfbde2e835b8137f2f092
https://git.kernel.org/stable/c/fbeb492694ce0441053de57699e1e2b7bc148a69
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2025-06-26 02:09:28
  • Multiple Updates
2025-06-25 12:22:19
  • Multiple Updates
2025-06-24 02:14:04
  • Multiple Updates
2025-05-27 02:09:49
  • Multiple Updates
2025-03-28 17:21:02
  • Multiple Updates
2025-03-28 13:34:51
  • Multiple Updates
2025-03-28 02:56:56
  • Multiple Updates
2025-03-25 17:21:25
  • Multiple Updates
2025-02-27 21:20:34
  • Multiple Updates
2025-02-26 17:20:32
  • First insertion