CVE-2007-4571
Published: 26 September 2007
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Notes
Author | Note |
---|---|
jdstrand | kernel-sec has 'ignored (2.6.18.dfsg.1-13etch3)' |
kees | ABI changer -- will roll this out when a more serious ABI change comes in |
Priority
Status
Package | Release | Status |
---|---|---|
linux | hardy | Not vulnerable |
linux | upstream | Released (2.6.22.8) |
linux-source-2.6.15 | dapper | Released (2.6.15-52.67) |
linux-source-2.6.15 | upstream | Needs triage |
linux-source-2.6.17 | edgy | Ignored (end of life) |
linux-source-2.6.17 | upstream | Needs triage |
linux-source-2.6.20 | feisty | Released (2.6.20-17.36) |
linux-source-2.6.20 | upstream | Needs triage |
linux-source-2.6.22 | gutsy | Released (2.6.22-12.39) |
linux-source-2.6.22 | upstream | Needs triage |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
- https://ubuntu.com/security/notices/USN-618-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4571