CVE-2024-57893
Jan. 15, 2025, 1:15 p.m.
None
No Score
Description
In the Linux kernel, the following vulnerability has been resolved:
ALSA: seq: oss: Fix races at processing SysEx messages
OSS sequencer handles the SysEx messages split in 6 bytes packets, and
ALSA sequencer OSS layer tries to combine those. It stores the data
in the internal buffer and this access is racy as of now, which may
lead to the out-of-bounds access.
As a temporary band-aid fix, introduce a mutex for serializing the
process of the SysEx message packets.
Product(s) Impacted
Product | Versions |
---|---|
Linux kernel |
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
References
Tags
Timeline
Published: Jan. 15, 2025, 1:15 p.m.
Last Modified: Jan. 15, 2025, 1:15 p.m.
Last Modified: Jan. 15, 2025, 1:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
416baaa9-dc9f-4396-8d5f-8c081fb06d67
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.