CVE-2017-15265: Linux Kernel ALSA Sequencer Interface Use-After-Free Memory Vulnerability
by CIRT Team
Description: Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
Impact: An attacker can exploit this issue to cause a local denial-of-service condition; other attacks may also be possible.
Mitigation: Administrators may disable administrative privileges on the Windows machines that have Cisco AMP for Endpoints installed. For information about fixed software releases, consult with vendor.
26 Oct 2023 - Security Advisories & Alerts