Showing 1 - 4 of 4

CVE-2007-4571

Status Candidate

Overview

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Related Files

Ubuntu Security Notice 618-1: Posted Jun 20, 2008; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 618-1 - Memory access issues, buffer overflows, denial of service, race conditions.. all sorts of fun and mayhem has been addressed in the Linux 2.6 kernel branch on Ubuntu.; tags | advisory, denial of service, overflow, kernel; systems | linux, ubuntu; advisories | CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669; SHA-256 | 0acf6967795b6e572efa6fa96bc8daa4c48aa9762c583cd6ee70d852449a6d06; Download | Favorite | View

dsa-1505.txt: Posted Feb 23, 2008; Site debian.org; Debian Security Advisory 1505 - Takashi Iwai supplied a fix for a memory leak in the snd_page_alloc module. Local users could exploit this issue to obtain sensitive information from the kernel.; tags | advisory, kernel, local, memory leak; systems | linux, debian; advisories | CVE-2007-4571; SHA-256 | f272b5ba166578eb27322aa5d703ba9bc6a9c384b5a9d38408dbf77b77a47744; Download | Favorite | View

Debian Linux Security Advisory 1479-1: Posted Jan 30, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1479-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.; tags | advisory, denial of service, arbitrary, kernel, local, vulnerability; systems | linux, debian; advisories | CVE-2007-2878, CVE-2007-4571, CVE-2007-6151, CVE-2008-0001; SHA-256 | 17d4d9a0f7ff8fa49e82e020f7eb075a2b6fdfd0fa9b97ccec62ce258d078174; Download | Favorite | View

iDEFENSE Security Advisory 2007-09-25.1: Posted Sep 26, 2007; Authored by iDefense Labs, mu-b | Site idefense.com; iDefense Security Advisory 09.25.07 - Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel allows attackers to obtain sensitive information from kernel memory. iDefense has confirmed the existence of this vulnerability in version 2.6.22.1 of the Linux Kernel as installed with Fedora CORE 7. It is suspected that other versions are also vulnerable.; tags | advisory, kernel, local, info disclosure; systems | linux, fedora; advisories | CVE-2007-4571; SHA-256 | 949399f1ef56b7cf5b001af2d386dd168ad4fea165fb77e0c740cb6214ea3165; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2007-4571

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems