CVE-2017-15265: Linux Kernel ALSA Sequencer Interface Use-After-Free Memory Vulnerability

Description:  Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

Impact: An attacker can exploit this issue to cause a local denial-of-service condition; other attacks may also be possible.

Mitigation: Administrators may disable administrative privileges on the Windows machines that have Cisco AMP for Endpoints installed. For information about fixed software releases, consult with vendor.

Reference URL’s: