Improper locking in Linux kernel sound

1) Improper locking

EUVDB-ID: #VU104686

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49272

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_pcm_hw_params_choose(), snd_pcm_hw_params(), snd_pcm_hw_free() and snd_pcm_action_nonatomic() functions in sound/core/pcm_native.c, within the wait_for_avail() and __snd_pcm_lib_xfer() functions in sound/core/pcm_lib.c, within the snd_pcm_attach_substream() function in sound/core/pcm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:*:*:*:*:*:*:*:*

External links

https://git.kernel.org/stable/c/40f4cffbe13a51faf136faf5f9ef6847782cd595
https://git.kernel.org/stable/c/7777744e92a0b30e3e0cce2758d911837011ebd9
https://git.kernel.org/stable/c/7e9133607e1501c94881be35e118d8f84d96dcb4
https://git.kernel.org/stable/c/9017201e8d8c6d1472273361389ed431188584a0
https://git.kernel.org/stable/c/9661bf674d6a82b76e4ae424438a8ce1e3ed855d
https://git.kernel.org/stable/c/abedf0d08c79d76da0d6fa0d5dbbc98871dcbc2e
https://git.kernel.org/stable/c/bc55cfd5718c7c23e5524582e9fa70b4d10f2433
https://git.kernel.org/stable/c/be9813ad2fc8f0885f5ce6925af0d993ce5da4e5

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.