The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.
References
Configurations
History
07 Nov 2023, 02:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2014-07-03 04:22
Updated : 2024-02-28 12:20
NVD link : CVE-2014-4655
Mitre link : CVE-2014-4655
CVE.ORG link : CVE-2014-4655
JSON object : View
Products Affected
linux
- linux_kernel
suse
- linux_enterprise_server
canonical
- ubuntu_linux
CWE
CWE-190
Integer Overflow or Wraparound