{ "threat_severity" : "Moderate", "public_date" : "2017-10-11T00:00:00Z", "bugzilla" : { "description" : "kernel: Use-after-free in snd_seq_ioctl_create_port()", "id" : "1501878", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1501878" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-416", "details" : [ "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.", "A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation." ], "statement" : "This issue affects the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 5,6, 7, realtime and MRG-2.\nRed Hat Enterprise Linux 5 has transitioned to Production phase 3. \nDuring the Production 3 Phase, Critical impact Security Advisories (RHSAs) \nand selected Urgent Priority Bug Fix Advisories (RHBAs) may be released \nas they become available.\nThe official life cycle policy can be reviewed here:\nhttp://redhat.com/rhel/lifecycle\nFuture Linux kernel updates for the respective releases may address this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 5.9 Long Life", "release_date" : "2018-12-13T00:00:00Z", "advisory" : "RHSA-2018:3823", "cpe" : "cpe:/o:redhat:rhel_aus:5.9", "package" : "kernel-0:2.6.18-348.42.1.el5" }, { "product_name" : "Red Hat Enterprise Linux 5 Extended Lifecycle Support", "release_date" : "2018-12-13T00:00:00Z", "advisory" : "RHSA-2018:3822", "cpe" : "cpe:/o:redhat:rhel_els:5", "package" : "kernel-0:2.6.18-436.el5" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2018-08-14T00:00:00Z", "advisory" : "RHSA-2018:2390", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-754.3.5.el6" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-04-10T00:00:00Z", "advisory" : "RHSA-2018:0676", "cpe" : "cpe:/a:redhat:rhel_extras_rt:7", "package" : "kernel-rt-0:3.10.0-862.rt56.804.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2018-04-10T00:00:00Z", "advisory" : "RHSA-2018:1062", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "kernel-0:3.10.0-862.el7" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Extended Update Support", "release_date" : "2018-04-17T00:00:00Z", "advisory" : "RHSA-2018:1130", "cpe" : "cpe:/o:redhat:rhel_eus:7.4", "package" : "kernel-0:3.10.0-693.25.2.el7" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2018-04-17T00:00:00Z", "advisory" : "RHSA-2018:1170", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-1:3.10.0-693.25.2.rt56.612.el6rt" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "kernel-alt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-15265\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-15265" ], "name" : "CVE-2017-15265", "mitigation" : { "value" : "It is possible to prevent the affected code from being loaded by blacklisting the kernel module snd_seq. Instructions relating to how to blacklist a kernel module are shown here: https://access.redhat.com/solutions/41278 \nAlternatively a custom permission set can be created by udev, the correct permissions will depend on your use case. Please contact Red Hat customer support for creating a rule set that can minimize flaw exposure.", "lang" : "en:us" }, "csaw" : false }