{"id":"CVE-2024-44954","summary":"ALSA: line6: Fix racy access to midibuf","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: line6: Fix racy access to midibuf\n\nThere can be concurrent accesses to line6 midibuf from both the URB\ncompletion callback and the rawmidi API access.  This could be a cause\nof KMSAN warning triggered by syzkaller below (so put as reported-by\nhere).\n\nThis patch protects the midibuf call of the former code path with a\nspinlock for avoiding the possible races.","modified":"2026-04-02T12:18:31.575706Z","published":"2024-09-04T18:35:53.730Z","related":["MGASA-2024-0309","MGASA-2024-0310","SUSE-SU-2024:3551-1","SUSE-SU-2024:3553-1","SUSE-SU-2024:3559-1","SUSE-SU-2024:3561-1","SUSE-SU-2024:3564-1","SUSE-SU-2024:3566-1","SUSE-SU-2024:3569-1","SUSE-SU-2024:3587-1","SUSE-SU-2024:3591-1","SUSE-SU-2024:3592-1","SUSE-SU-2025:20073-1","SUSE-SU-2025:20077-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/44xxx/CVE-2024-44954.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/15b7a03205b31bc5623378c190d22b7ff60026f1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/40f3d5cb0e0cbf7fa697913a27d5d361373bdcf5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/51d87f11dd199bbc6a85982b088ff27bde53b48a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/535df7f896a568a8a1564114eaea49d002cb1747"},{"type":"WEB","url":"https://git.kernel.org/stable/c/643293b68fbb6c03f5e907736498da17d43f0d81"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a54da4b787dcac60b598da69c9c0072812b8282d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c80f454a805443c274394b1db0d1ebf477abd94e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e7e7d2b180d8f297cea6db43ea72402fd33e1a29"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/44xxx/CVE-2024-44954.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-44954"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"705ececd1c60d0f5d6ef2a719008847883516970"},{"fixed":"643293b68fbb6c03f5e907736498da17d43f0d81"},{"fixed":"40f3d5cb0e0cbf7fa697913a27d5d361373bdcf5"},{"fixed":"e7e7d2b180d8f297cea6db43ea72402fd33e1a29"},{"fixed":"a54da4b787dcac60b598da69c9c0072812b8282d"},{"fixed":"c80f454a805443c274394b1db0d1ebf477abd94e"},{"fixed":"535df7f896a568a8a1564114eaea49d002cb1747"},{"fixed":"51d87f11dd199bbc6a85982b088ff27bde53b48a"},{"fixed":"15b7a03205b31bc5623378c190d22b7ff60026f1"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-44954.json"}}],"schema_version":"1.7.5"}