Hi, here is two patches to paper over the still remaining races in ALSA sequencer write and ioctl that have been leaked in the previous fix for CVE-2018-1000004. The reports came up totally individually, so both people are put as Reported-by tag here. thanks, Takashi === Takashi Iwai (2): ALSA: seq: Don't allow resizing pool in use ALSA: seq: More protection for concurrent write and ioctl races sound/core/seq/seq_clientmgr.c | 21 ++++++++++++++------- sound/core/seq/seq_fifo.c | 2 +- sound/core/seq/seq_memory.c | 14 ++++++++++---- sound/core/seq/seq_memory.h | 3 ++- 4 files changed, 27 insertions(+), 13 deletions(-) -- 2.16.2 _______________________________________________ Alsa-devel mailing list Alsa-devel@xxxxxxxxxxxxxxxx http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
