In the Linux kernel, the following vulnerability has been resolved:
ALSA: pcm: Fix potential data race at PCM memory allocation helpers
The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper lock and the allocation isnt serialized; this allows user to allocate more memories than predefined max size.
Practically seen, this isnt really a big problem, as its more or less some soft limit as a sanity check, and its not possible to allocate unlimitedly. But its still better to address this for more consistent behavior.
The patch covers the size check in do_alloc_pages() with the card->memory_mutex, and increases the allocated size there for preventing the further overflow. When the actual allocation fails, the size is decreased accordingly.