Jackaudio

jackaudio

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Jack2

jack2

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-13351 2Alsa Project Jackaudio 2Alsa Jack2 Nov 21, 2024 Jul 5, 2019 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. E...Show more posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file descriptor.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-13351

2Alsa Project

Jackaudio

2Alsa

Jack2

Nov 21, 2024

Jul 5, 2019

N/A· v4

8.1 HIGH· v3

6.8 MEDIUM· v2

posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file descriptor.Show less