CVE-2018-19824

Published December 3rd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.6

MEDIUM

Affected

PROJECT

Description

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.

torvalds/linux

Linux kernel source tree

GitHub

237K