CVE-2022-49288
Published: Feb 26, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the PCM open_mutex to the proc write operation for avoiding the racy proc writes and the PCM stream open (and further operations).
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < e7786c445bb67a9a6e64f66ebd6b7215b153ff7daffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < e14dca613e0a6ddc2bf6e360f16936a9f865205baffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 37b12c16beb6f6c1c3c678c1aacbc46525c250f7affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < b560d670c87d7d40b3cf6949246fa4c7aa65a00aaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 51fce708ab8986a9879ee5da946a2cc120f1036d+3 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 4.14.279 - <= 4.14.*unaffected 4.19.243 - <= 4.19.*unaffected 5.4.193 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now