CVE-2010-4081

Priority
Description
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the
Linux kernel before 2.6.36-rc6 does not initialize a certain structure,
which allows local users to obtain potentially sensitive information from
kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.
Ubuntu-Description
Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver
did not correctly clear kernel memory. A local attacker could exploit this
to read kernel stack memory, leading to a loss of privacy.
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
Package
Upstream:released (2.6.36~rc6)
More Information

Updated: 2019-01-14 21:54:47 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)