CVE-2007-4571

NameCVE-2007-4571
DescriptionThe snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1479-1, DSA-1505-1
NVD severitylow (attack range: local)
Debian Bugs444571

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
alsa-driversource(unstable)1.0.15-1low
alsa-driversourceetch1.0.13-5etch1lowDSA-1505-1
alsa-driversourcesarge1.0.8-7sarge1lowDSA-1505-1
alsa-modules-i386sourcesarge1.0.8+2sarge2lowDSA-1505-1
linux-2.6source(unstable)2.6.22-5low444571
linux-2.6sourceetch2.6.18.dfsg.1-17etch1lowDSA-1479-1

Notes

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
very easy to exploit locally

Search for package or bug name: Reporting problems