Bug 1311568 (CVE-2016-2548) - CVE-2016-2548 kernel: sound: linked lists of slave instances not unlinked immediately
Summary: CVE-2016-2548 kernel: sound: linked lists of slave instances not unlinked imm...
Keywords:
Status: CLOSED DUPLICATE of bug 1311566
Alias: CVE-2016-2548
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1311573
Blocks: 1311575
TreeView+ depends on / blocked
 
Reported: 2016-02-24 13:31 UTC by Andrej Nemec
Modified: 2021-02-17 04:18 UTC (History)
33 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-03-11 17:55:26 UTC
Embargoed:


Attachments (Terms of Use)

Description Andrej Nemec 2016-02-24 13:31:04 UTC
Some linked lists (active_list and ack_list) of slave instances
aren't unlinked immediately at stopping or closing, and this may lead
to unexpected accesses.

Upstream patch:

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b5a663aa426f4884c71cd8580adae73f33570f0d

External references:

http://seclists.org/oss-sec/2016/q1/133

Comment 1 Josh Boyer 2016-02-24 14:03:58 UTC
This is an identical fix to bug 1311566

This was fixed in 4.3.5 with:

commit ea7f3d59628930dc29482a292e2a55c81cac52a4
Author: Takashi Iwai <tiwai>
Date:   Thu Jan 14 16:30:58 2016 +0100

    ALSA: timer: Harden slave timer list handling
    
    commit b5a663aa426f4884c71cd8580adae73f33570f0d upstream.
    

and in 4.4.1 with:

commit 8eff3aa0a9bbb593dce0ec0344ec1961318e44c8
Author: Takashi Iwai <tiwai>
Date:   Thu Jan 14 16:30:58 2016 +0100

    ALSA: timer: Harden slave timer list handling
    
    commit b5a663aa426f4884c71cd8580adae73f33570f0d upstream.

All Fedora branches are on those or newer.  This issue is fixed in Fedora.

Comment 2 Vladis Dronov 2016-03-11 17:55:26 UTC

*** This bug has been marked as a duplicate of bug 1311566 ***

Comment 3 Doran Moppert 2020-02-10 04:31:22 UTC
Statement:

This flaw was found to be a duplicate of CVE-2016-2547. Please see https://access.redhat.com/security/cve/CVE-2016-2547 for information about affected products and security errata.


Note You need to log in before you can comment on or make changes to this bug.