CVE-2011-1477

Priority
Description
Multiple array index errors in sound/oss/opl3.c in the Linux kernel before
2.6.39 allow local users to cause a denial of service (heap memory
corruption) or possibly gain privileges by leveraging write access to
/dev/sequencer.
Ubuntu-Description
Dan Rosenberg reported errors in the kernel's OSS (Open Sound System)
driver for Yamaha FM synthesizer chips. A local user can exploit this to
cause memory corruption, causing a denial of service or privilege
escalation.
Notes
jdstrandrequires /dev/sequencer and OSS (not ALSA)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc1)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
4d00135a680727f6c3be78f8befaac009030e4df
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-12-05 20:56:56 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)