|
oss-sec
mailing list archives
CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor
From: Salvatore Bonaccorso <carnil () debian org>
Date: Sun, 14 Feb 2016 16:31:52 +0100
Hi
There is a double-free flaw in the ALSA USB MIDI driver:
The 'umidi' object will be free'd on the error path by snd_usbmidi_free()
when tearing down the rawmidi interface. So we shouldn't try to free it
in snd_usbmidi_create() after having registered the rawmidi interface.
This was fixed in https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7
https://lkml.org/lkml/2016/2/13/11
Could you assign a CVE for this issue?
Regards,
Salvatore
 By Date 
By Thread
Current thread:
- CVE Request: Linux: ALSA: usb-audio: double-free triggered by invalid USB descriptor Salvatore Bonaccorso (Feb 14)
| 
