CVE-2007-4571

Priority
Low
Description
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced
Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does
not return the correct write size, which allows local users to obtain
sensitive information (kernel memory contents) via a small count argument,
as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
References
Bugs
Notes
 jdstrand> kernel-sec has 'ignored (2.6.18.dfsg.1-13etch3)'
 kees> ABI changer -- will roll this out when a more serious ABI change comes in
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.22.8)
More Information

Updated: 2018-06-26 04:27:16 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)