ALSA ymfpci Driver Vulnerability in Linux Kernel by Linux Foundation
CVE-2023-54308
What is CVE-2023-54308?
A vulnerability in the Linux kernel relating to the ALSA ymfpci driver has been identified. The issue arises from the improper handling of device management functions after significant changes were made in the driver's codebase. Specifically, the removal of the snd_card_ymfpci_remove() function has led to a scenario where system calls to allocate resources for the card are not being cleaned up correctly on module unload. This can eventually trigger a page fault in kernel mode, posing risks for system stability and reliability. Users and system administrators are advised to apply updates as they become available to mitigate potential impacts.
Affected Version(s)
Linux c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 < 95642872c466030240199ba796a40771c493ed0c
Linux c6e6bb5eab7457a938c0405d5ccf319d3ee735c1
Linux c6e6bb5eab7457a938c0405d5ccf319d3ee735c1 < 255a81a89501df77379b51a81c7a2e8e7c359bc6