Security News > 2017 > October > Yet Another Linux Kernel Privilege-Escalation Bug Discovered

Yet Another Linux Kernel Privilege-Escalation Bug Discovered
2017-10-16 08:02

Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab (Active-Defense Lab) researchers, the Linux kernel vulnerability (CVE-2017-15265) is due to a use-after-free memory error in the Advanced Linux Sound Architecture (ALSA)


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/j4kAlT9c0lA/linux-privilege-escalation.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2017-10-16 CVE-2017-15265 Use After Free vulnerability in Linux Kernel
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.
local
high complexity
linux CWE-416
7.0
7.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2337 1502 67 3970
Kernel 3 0 8 4 1 13