CVE-2022-49288
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49288
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49288.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49288
- Downstream
- Related
- Published
- 2025-02-26T07:01:05Z
- Modified
- 2025-08-09T20:01:28Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ALSA: pcm: Fix races among concurrent prealloc proc writes
We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the PCM open_mutex to the proc write operation for avoiding the racy proc writes and the PCM stream open (and further operations).
- References
-
- https://git.kernel.org/stable/c/37b12c16beb6f6c1c3c678c1aacbc46525c250f7
- https://git.kernel.org/stable/c/51fce708ab8986a9879ee5da946a2cc120f1036d
- https://git.kernel.org/stable/c/5ed8f8e3c4e59d0396b9ccf2e639711e24295bb6
- https://git.kernel.org/stable/c/69534c48ba8ce552ce383b3dfdb271ffe51820c3
- https://git.kernel.org/stable/c/a21d2f323b5a978dedf9ff1d50f101f85e39b3f2
- https://git.kernel.org/stable/c/b560d670c87d7d40b3cf6949246fa4c7aa65a00a
- https://git.kernel.org/stable/c/e14dca613e0a6ddc2bf6e360f16936a9f865205b
- https://git.kernel.org/stable/c/e7786c445bb67a9a6e64f66ebd6b7215b153ff7d