CVE-2011-1477

Priority
Description
Multiple array index errors in sound/oss/opl3.c in the Linux kernel before
2.6.39 allow local users to cause a denial of service (heap memory
corruption) or possibly gain privileges by leveraging write access to
/dev/sequencer.
Ubuntu-Description
Dan Rosenberg reported errors in the kernel's OSS (Open Sound System)
driver for Yamaha FM synthesizer chips. A local user can exploit this to
cause memory corruption, causing a denial of service or privilege
escalation.
Notes
 jdstrand> requires /dev/sequencer and OSS (not ALSA)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc1)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 4d00135a680727f6c3be78f8befaac009030e4df
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-01-14 21:57:04 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)