Systems Affected
• Linux Kernel prior to 3.15.2
Threat Level
Overview
Vulnerability has been reported in Linux Kernel which could be exploited by a local attacker to execute arbitrary code on the system.
Description
The vulnerability exists due to use-after-free error in the "sound/core/control.c" in the ALSA (Advanced Linux Sound Architecture) control implementation. A local attacker could exploit this vulnerability to execute arbitrary code on the system.
Successful exploitation of this vulnerability could allow an attacker to cause Denial of service(DoS) or obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.
Impact
Solution/ Workarounds
✻ Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.
References
http://www.cert-in.org.in/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|