ГлавнаяУязвимости → CVE-2022-49288
7.8высокая

CVE-2022-49288

→ есть в БДУ: BDU:2025-10267 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the PCM open_mutex to the proc write operation for avoiding the racy proc writes and the PCM stream open (and further operations).

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/37b12c16beb6f6c1c3c678c1aacbc46525c250f7https://git.kernel.org/stable/c/51fce708ab8986a9879ee5da946a2cc120f1036dhttps://git.kernel.org/stable/c/5ed8f8e3c4e59d0396b9ccf2e639711e24295bb6https://git.kernel.org/stable/c/69534c48ba8ce552ce383b3dfdb271ffe51820c3https://git.kernel.org/stable/c/a21d2f323b5a978dedf9ff1d50f101f85e39b3f2https://git.kernel.org/stable/c/b560d670c87d7d40b3cf6949246fa4c7aa65a00ahttps://git.kernel.org/stable/c/e14dca613e0a6ddc2bf6e360f16936a9f865205bhttps://git.kernel.org/stable/c/e7786c445bb67a9a6e64f66ebd6b7215b153ff7d