{"id":"CVE-2017-0861","details":"Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.","modified":"2026-04-16T06:18:49.147918586Z","published":"2017-11-16T23:29:01.320Z","related":["SUSE-SU-2018:1080-1","SUSE-SU-2018:1172-1","SUSE-SU-2018:1220-1","SUSE-SU-2018:1221-1","SUSE-SU-2018:1222-1","SUSE-SU-2018:1224-1","SUSE-SU-2018:1226-1","SUSE-SU-2018:1227-1","SUSE-SU-2018:1228-1","SUSE-SU-2018:1229-1","SUSE-SU-2018:1230-1","SUSE-SU-2018:1231-1","SUSE-SU-2018:1232-1","SUSE-SU-2018:1233-1","SUSE-SU-2018:1234-1","SUSE-SU-2018:1235-1","SUSE-SU-2018:1236-1","SUSE-SU-2018:1237-1","SUSE-SU-2018:1240-1","SUSE-SU-2018:1241-1","SUSE-SU-2018:1242-1","SUSE-SU-2018:1243-1","SUSE-SU-2018:1244-1","SUSE-SU-2018:1245-1","SUSE-SU-2018:1247-1","SUSE-SU-2018:1248-1","SUSE-SU-2018:1250-1","SUSE-SU-2018:1251-1","SUSE-SU-2018:1252-1","SUSE-SU-2018:1253-1","SUSE-SU-2018:1254-1","SUSE-SU-2018:1255-1","SUSE-SU-2018:1256-1","SUSE-SU-2018:1257-1","SUSE-SU-2018:1259-1","SUSE-SU-2018:1260-1","SUSE-SU-2018:1261-1","SUSE-SU-2018:1262-1","SUSE-SU-2018:1263-1","SUSE-SU-2018:1264-1","SUSE-SU-2018:1266-1","SUSE-SU-2018:1267-1","SUSE-SU-2018:1268-1","SUSE-SU-2018:1269-1","SUSE-SU-2018:1270-1","SUSE-SU-2018:1272-1","SUSE-SU-2018:1273-1","SUSE-SU-2018:1309-1"],"references":[{"type":"WEB","url":"http://lists.alioth.debian.org/pipermail/secure-testing-commits/2017-December/059967.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/102329"},{"type":"WEB","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=362bca57f5d78220f8b5907b875961af9436e229"},{"type":"WEB","url":"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"},{"type":"WEB","url":"https://security-tracker.debian.org/tracker/CVE-2017-0861"},{"type":"WEB","url":"https://usn.ubuntu.com/3583-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3583-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3617-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3617-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3617-3/"},{"type":"WEB","url":"https://usn.ubuntu.com/3619-1/"},{"type":"WEB","url":"https://usn.ubuntu.com/3619-2/"},{"type":"WEB","url":"https://usn.ubuntu.com/3632-1/"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2390"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3083"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3096"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0036"},{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/pixel/2017-11-01"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4187"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"type":"FIX","url":"https://source.android.com/security/bulletin/pixel/2017-11-01"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git","events":[{"introduced":"0"},{"fixed":"362bca57f5d78220f8b5907b875961af9436e229"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0861.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}