Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very High

CVE-2023-0266

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
Attack Vector: LocalPrivileges: LowUser Interaction: None
1
1