{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-06-17T00:00:00", "descriptions": [{"lang": "en", "value": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-05T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2017:3315", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3315"}, {"name": "RHSA-2017:3322", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3322"}, {"name": "RHSA-2017:3295", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3295"}, {"tags": ["x_refsource_MISC"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2017/06/12/2"}, {"name": "DSA-3981", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3981"}, {"tags": ["x_refsource_MISC"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378"}, {"name": "99121", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99121"}, {"tags": ["x_refsource_MISC"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-1000380", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:3315", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3315"}, {"name": "RHSA-2017:3322", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3322"}, {"name": "RHSA-2017:3295", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3295"}, {"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5", "refsource": "MISC", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"}, {"name": "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"name": "http://www.openwall.com/lists/oss-security/2017/06/12/2", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2017/06/12/2"}, {"name": "DSA-3981", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3981"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"name": "https://source.android.com/security/bulletin/pixel/2017-12-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"name": "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378"}, {"name": "99121", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99121"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:00:39.924Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:3315", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3315"}, {"name": "RHSA-2017:3322", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3322"}, {"name": "RHSA-2017:3295", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3295"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2017/06/12/2"}, {"name": "DSA-3981", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3981"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378"}, {"name": "99121", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99121"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000380", "datePublished": "2017-06-17T18:00:00", "dateReserved": "2017-06-13T00:00:00", "dateUpdated": "2024-08-05T22:00:39.924Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEAAE4E7-00CF-47FC-8331-A5B82622BB91", "versionEndIncluding": "4.11.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time."}, {"lang": "es", "value": "El archivo sound/core/timer.c en el kernel de Linux anterior a versi\u00f3n 4.11.5, es vulnerable a una carrera de datos en el controlador de /dev/snd/timer de ALSA, resultando en que los usuarios locales sean capaces de leer la informaci\u00f3n que pertenece a otros usuarios, es decir, los contenidos de la memoria sin inicializar pueden ser divulgados cuando una lectura y un ioctl se presentan al mismo tiempo."}], "id": "CVE-2017-1000380", "lastModified": "2017-12-06T02:29:06.290", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-17T18:29:00.213", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3981"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2017/06/12/2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99121"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:3295"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:3315"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:3322"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378"}, {"source": "cve@mitre.org", "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Alexander Potapenko (Google) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2017:3322", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-693.11.1.rt56.632.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-11-30T00:00:00Z"}, {"advisory": "RHSA-2017:3315", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-693.11.1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-12-01T00:00:00Z"}, {"advisory": "RHSA-2017:3295", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.11.1.rt56.597.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2017-11-30T00:00:00Z"}], "bugzilla": {"description": "kernel: information leak due to a data race in ALSA timer", "id": "1463311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463311"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.", "It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users."], "name": "CVE-2017-1000380", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2017-06-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-1000380\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-1000380"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of this product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 may address this issue.", "threat_severity": "Moderate"}