The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.
3.13.0-157.2074.4.0-98.121~14.04.14.4.0-98.1214.4.0-1039.484.13.0-1005.74.13.0-1002.54.4.0-1033.334.13.0-32.35~16.04.14.4.0-1009.144.4.0-1076.84Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H