Back to CVE List

CVE-2023-54072

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: pcm: Fix potential data race at PCM memory allocation helpers

The PCM memory allocation helpers have a sanity check against too many
buffer allocations. However, the check is performed without a proper
lock and the allocation isn't serialized; this allows user to allocate
more memories than predefined max size.

Practically seen, this isn't really a big problem, as it's more or
less some "soft limit" as a sanity check, and it's not possible to
allocate unlimitedly. But it's still better to address this for more
consistent behavior.

The patch covers the size check in do_alloc_pages() with the
card->memory_mutex, and increases the allocated size there for
preventing the further overflow. When the actual allocation fails,
the size is decreased accordingly.

Vulnerability Details

Published Date
Last Modified
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!