Lucene search

K

Veracode Vulnerability DatabaseVERACODE:29326

HistoryFeb 10, 2021 - 6:05 a.m.

Privilege Escalation

2021-02-1006:05:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

23

0.0004 Low

EPSS

Percentile

10.1%

kernel is vulnerable to privilege escalation. An attacker may exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.

CPENameOperatorVersion
kerneleq3.10.0__229.7.2.ael7b
kerneleq4.18.0__80.7.1.el8_0
kerneleq3.10.0__957.el7
kerneleq3.10.0__693.33.1.el7
kerneleq3.10.0__693.2.2.el7
kerneleq3.10.0__957.12.1.el7
kerneleq3.10.0__693.1.1.el7
kerneleq3.10.0__693.11.1.el7
kerneleq3.10.0__862.9.1.el7
kerneleq4.18.0__80.4.2.el8_0

Rows per page:

1-10 of 921

References

www.securityfocus.com/bid/106109

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index

access.redhat.com/errata/RHSA-2019:2029

access.redhat.com/errata/RHSA-2019:2703

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1655816

bugzilla.suse.com/show_bug.cgi?id=1118152

git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=5f8cf712582617d523120df67d392059eaf2fc4b

github.com/torvalds/linux/commit/5f8cf712582617d523120df67d392059eaf2fc4b

lists.debian.org/debian-lts-announce/2019/03/msg00034.html

lists.debian.org/debian-lts-announce/2019/04/msg00004.html

lists.debian.org/debian-lts-announce/2019/05/msg00002.html

support.f5.com/csp/article/K98155950

usn.ubuntu.com/3879-1/

usn.ubuntu.com/3879-2/

usn.ubuntu.com/3930-1/

usn.ubuntu.com/3930-2/

usn.ubuntu.com/3931-1/

usn.ubuntu.com/3931-2/

usn.ubuntu.com/3933-1/

usn.ubuntu.com/3933-2/

www.openwall.com/lists/oss-security/2018/12/03/1

0.0004 Low

EPSS

Percentile

10.1%

Related for VERACODE:29326

nvd1 redhatcve1 nessus39 debiancve1 cvelist1 prion1 cve1 f51 ubuntucve1 fedora47 oraclelinux3 openvas74 ubuntu8 cloudfoundry2 mageia3 redhat2 photon5 suse2 debian3 osv2 slackware1