← Back to CVE List

CVE-2022-49291

Published: 2025-02-26T07:01Z
Last Modified: 2025-03-25T14:49Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls Currently we have neither proper check nor protection against the concurrent calls of PCM hw_params and hw_free ioctls, which may result in a UAF. Since the existing PCM stream lock can't be used for protecting the whole ioctl operations, we need a new mutex to protect those racy calls. This patch introduced a new mutex, runtime->buffer_mutex, and applies it to both hw_params and hw_free ioctl code paths. Along with it, the both functions are slightly modified (the mmap_count check is moved into the state-check block) for code simplicity. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt