CVE-2010-3080

Priority
Medium
Description
Double free vulnerability in the snd_seq_oss_open function in
sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4
might allow local users to cause a denial of service or possibly have
unspecified other impact via an unsuccessful attempt to open the
/dev/sequencer device.
Ubuntu-Description
Tavis Ormandy discovered that the OSS sequencer device did not correctly
shut down. A local attacker could exploit this to crash the system or
possibly gain root privileges.
References
Assigned-to
sconklin
Package
Upstream:needs-triage
Patches:
Dapper:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/dapper/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 27f7ad53829f79e799a253285318bff79ece15bd
Hardy:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/hardy/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Jaunty:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/jaunty/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Karmic:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/karmic/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Lucid:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-3080/patches/lucid/linux/0001-ALSA-seq-oss-Fix-double-free-at-error-path-of-snd_seq_.txt
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2016-09-21 16:14:52 UTC (commit 11514)