Vulnetix
Try Vulnetix Request Demo
CVE-2017-9985 PUBLISHED

The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.

EPSS 0.05% · 14.0th percentile

Risk Scores

EPSS Score
0.05%
14.0th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSlinux-raspi24.4.0-1019.25, 4.4.0-1075.83, 4.4.0-1074.82
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35
Ubuntu:16.04:LTSlinux-kvm0, 4.4.0-1004.9, 4.4.0-1007.12
Ubuntu:20.04:LTSlinux-raspi20, 5.3.0-1017.19, 5.4.0-1004.4
Ubuntu:16.04:LTSlinux-hwe4.10.0-28.32~16.04.2, 4.10.0-30.34~16.04.1, 4.10.0-32.36~16.04.1
Ubuntu:16.04:LTSlinux4.4.0-11.26, 0, 4.2.0-16.19
Ubuntu:20.04:LTSlinux-gke5.4.0-1059.62, 5.4.0-1061.64, 5.4.0-1062.65
Ubuntu:22.04:LTSlinux-riscv5.13.0-1010.11+22.04.1, 5.15.0-1019.22, 5.15.0-1018.21
Ubuntu:16.04:LTSlinux-aws4.4.0-1020.29, 4.4.0-1032.41, 4.4.0-1012.21
Ubuntu:16.04:LTSlinux-gke4.4.0-1010.10, 4.4.0-1012.12, 4.4.0-1013.13
Ubuntu:14.04:LTSlinux3.13.0-149.199, 3.11.0-12.19, 3.12.0-1.3
Ubuntu:16.04:LTSlinux-gcp4.10.0-1004.4, 4.10.0-1006.6, 4.10.0-1007.7
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1071.76, 4.4.0-1072.77, 4.4.0-1073.78
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-53.74~14.04.1, 4.4.0-51.72~14.04.1, 4.4.0-47.68~14.04.1
Ubuntu:16.04:LTSlinux-azure4.11.0-1013.13, 4.11.0-1015.15, 4.11.0-1016.16
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1091.96+cvm1.1, 5.4.0-1095.101+cvm1.1, 5.4.0-1098.104+cvm1.1
Ubuntu:20.04:LTSlinux-riscv5.4.0-34.38, 5.4.0-36.41, 5.4.0-37.42

Timeline

References

Open in Interactive Console →