#VU93726 Buffer overflow in Linux kernel - CVE-2007-4571
Published: September 26, 2007 / Updated: July 3, 2024
Vulnerability identifier: #VU93726
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2007-4571
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to gain access to sensitive information.
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Remediation
Install update from vendor's website.
External links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
- https://issues.rpath.com/browse/RPL-1761
- http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
- https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
- http://www.redhat.com/support/errata/RHSA-2007-0939.html
- http://www.redhat.com/support/errata/RHSA-2007-0993.html
- http://www.novell.com/linux/security/advisories/2007_53_kernel.html
- http://www.securityfocus.com/bid/25807
- http://www.securitytracker.com/id?1018734
- http://secunia.com/advisories/26918
- http://secunia.com/advisories/26989
- http://secunia.com/advisories/26980
- http://secunia.com/advisories/27101
- http://secunia.com/advisories/27436
- http://secunia.com/advisories/27227
- http://secunia.com/advisories/27747
- http://secunia.com/advisories/27824
- http://www.debian.org/security/2008/dsa-1479
- http://secunia.com/advisories/28626
- http://www.debian.org/security/2008/dsa-1505
- http://secunia.com/advisories/29054
- http://secunia.com/advisories/30769
- http://www.ubuntu.com/usn/usn-618-1
- http://www.vupen.com/english/advisories/2007/3272
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212