Double Fetch Vulnerability in Linux Kernel's snd_msnd_interrupt Function

Double Fetch Vulnerability in Linux Kernel's snd_msnd_interrupt Function

CVE-2017-9984 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.