CVE-2007-4571 (retired)

Priority
Description
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced
Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does
not return the correct write size, which allows local users to obtain
sensitive information (kernel memory contents) via a small count argument,
as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Notes
 jdstrand> kernel-sec has 'ignored (2.6.18.dfsg.1-13etch3)'
 kees> ABI changer -- will roll this out when a more serious ABI change comes in
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.22.8)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:41:22 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)