What the vulnerability does

01Description

An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.

Key dates

02Disclosure timeline

September 13, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE