kernel is vulnerable to Use-after-free. A user is able to trigger concurrent calls of PCM hw_params
and hw_free ioctls
causing race condition to happen inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
access.redhat.com/errata/RHSA-2022:7444
access.redhat.com/security/updates/classification/#moderate
access.redhat.com/solutions/6971358
bugzilla.redhat.com/show_bug.cgi?id=2066706
lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3
lore.kernel.org/lkml/[email protected]/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3
security.netapp.com/advisory/ntap-20220629-0001/
www.debian.org/security/2022/dsa-5127
www.debian.org/security/2022/dsa-5173