In the Linux kernel, the following vulnerability has been resolved:
ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
The USB disconnect callback is supposed to be short and not too-long
waiting. OTOH, the current code uses snd_card_free() at
disconnection, but this waits for the close of all used fds, hence it
can take long. It eventually blocks the upper layer USB ioctls, which
may trigger a soft lockup.
An easy workaround is to replace snd_card_free() with
snd_card_free_when_closed(). This variant returns immediately while
the release of resources is done asynchronously by the card device
release at the last close.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
References
History
Fri, 27 Dec 2024 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. | |
| Title | ALSA: usx2y: Use snd_card_free_when_closed() at disconnection | |
| References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-12-27T14:11:16.256Z
Updated: 2024-12-27T14:11:16.256Z
Reserved: 2024-12-27T14:03:05.985Z
Link: CVE-2024-56533
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-27T14:15:32.800
Modified: 2024-12-27T14:15:32.800
Link: CVE-2024-56533
Redhat
No data.