CVE-2018-10902
CVSS v3.0
7.8 (High)
CVSS v2.0
4.6 (Medium)
EPSS
0.04 % (11th)
Affected Products
6
Advisories
40
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2018-08-21 19:29:00
(6 years ago) - Updated Date
-
2023-02-12 23:31:47
(19 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...