{"id":"CVE-2022-1048","details":"A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.","modified":"2026-03-13T05:19:49.156421Z","published":"2022-04-29T16:15:08.470Z","related":["ALSA-2022:7444","ALSA-2022:7683","ALSA-2022:7933","ALSA-2022:8267","MGASA-2022-0121","MGASA-2022-0122","SUSE-SU-2022:1163-1","SUSE-SU-2022:1183-1","SUSE-SU-2022:1196-1","SUSE-SU-2022:1197-1","SUSE-SU-2022:1255-1","SUSE-SU-2022:1256-1","SUSE-SU-2022:1257-1","SUSE-SU-2022:1266-1","SUSE-SU-2022:1267-1","SUSE-SU-2022:1270-1","SUSE-SU-2022:1283-1","SUSE-SU-2022:1402-1","SUSE-SU-2022:1407-1","SUSE-SU-2022:1939-1","SUSE-SU-2022:1942-1","SUSE-SU-2022:1945-1","SUSE-SU-2022:1947-1","SUSE-SU-2022:1948-1","SUSE-SU-2022:1955-1","SUSE-SU-2022:1974-1","SUSE-SU-2022:2000-1","SUSE-SU-2022:2006-1","SUSE-SU-2023:0416-1","SUSE-SU-2025:0983-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1","SUSE-SU-2025:1293-1","SUSE-SU-2026:0385-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220629-0001/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5127"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5173"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066706"},{"type":"FIX","url":"https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1048.json","unresolved_ranges":[{"events":[{"introduced":"2.6.12"},{"fixed":"4.14.279"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.243"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.193"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.109"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.32"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.16.18"}]},{"events":[{"introduced":"0"},{"last_affected":"5.17-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}