CVE-2014-4654 in Linuxजानकारी

सारांश

द्वारा MITRE

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

आरक्षित करना

25/06/2014

प्रकटीकरण

03/07/2014

प्रविष्टि

VDB-65971

EPSS

0.00498

गतिविधियाँ

बहुत कम

क्षेत्र

Energy, Insurance, ...

स्रोत

Do you want to use VulDB in your project?

Use the official API to access entries easily!