{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T02:21:30.508","vulnerabilities":[{"cve":{"id":"CVE-2024-57893","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-01-15T13:15:13.820","lastModified":"2025-11-03T21:18:38.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: oss: Fix races at processing SysEx messages\n\nOSS sequencer handles the SysEx messages split in 6 bytes packets, and\nALSA sequencer OSS layer tries to combine those.  It stores the data\nin the internal buffer and this access is racy as of now, which may\nlead to the out-of-bounds access.\n\nAs a temporary band-aid fix, introduce a mutex for serializing the\nprocess of the SysEx message packets."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: seq: oss: Se corrigen las ejecuciones al procesar mensajes SysEx El secuenciador OSS gestiona los mensajes SysEx divididos en paquetes de 6 bytes y la capa OSS del secuenciador ALSA intenta combinarlos. Almacena los datos en el búfer interno y este acceso es acelerado a partir de ahora, lo que puede llevar al acceso fuera de los límites. Como solución temporal, introduzca un mutex para serializar el proceso de los paquetes de mensajes SysEx."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.124","matchCriteriaId":"5D05F571-95D3-4BED-898B-B46FFC88EA32"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.70","matchCriteriaId":"51E6CFF2-92AA-4936-95AB-2D068168A696"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.9","matchCriteriaId":"1D13AF97-FFED-4B68-906D-CFE38D0B88DD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*","matchCriteriaId":"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*","matchCriteriaId":"5A073481-106D-4B15-B4C7-FB0213B8E1D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DE491969-75AE-4A6B-9A58-8FC5AF98798F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*","matchCriteriaId":"93C0660D-7FB8-4FBA-892A-B064BA71E49E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*","matchCriteriaId":"034C36A6-C481-41F3-AE9A-D116E5BE6895"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0179488ca992d79908b8e26b9213f1554fc5bacc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9d382112b36382aa65aad765f189ebde9926c101","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cff1de87ed14fc0f2332213d2367100e7ad0753a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d2392b79d8af3714ea8878b71c66dc49d3110f44","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}