CVE-2010-3080

Priority
Medium
Description
Double free vulnerability in the snd_seq_oss_open function in
sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4
might allow local users to cause a denial of service or possibly have
unspecified other impact via an unsuccessful attempt to open the
/dev/sequencer device.
Ubuntu-Description
Tavis Ormandy discovered that the OSS sequencer device did not correctly
shut down. A local attacker could exploit this to crash the system or
possibly gain root privileges.
References
Assigned-to
sconklin
Package
Upstream:needs-triage
Patches:
Dapper:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/dapper/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=c598337660c21c0afaa9df5a65bb4a7a0cf15be8
Hardy:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/hardy/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Jaunty:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/jaunty/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Karmic:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/karmic/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Lucid:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/lucid/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:51 UTC (commit 9756)