VDB
CVE-2007-4571
CVE-2007-4571
PUBLISHED
Reported by redhat · Published September 26, 2007
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Sep 26, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- 27747 third-party-advisoryx_refsource_SECUNIA
- 27227 third-party-advisoryx_refsource_SECUNIA
- SUSE-SA:2007:053 vendor-advisoryx_refsource_SUSE
- x_refsource_CONFIRM
- 1018734 vdb-entryx_refsource_SECTRACK
- USN-618-1 vendor-advisoryx_refsource_UBUNTU
- RHSA-2007:0939 vendor-advisoryx_refsource_REDHAT
- ADV-2007-3272 vdb-entryx_refsource_VUPEN
- 28626 third-party-advisoryx_refsource_SECUNIA
- 29054 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:9053 vdb-entrysignaturex_refsource_OVAL
- DSA-1479 vendor-advisoryx_refsource_DEBIAN
- FEDORA-2007-2349 vendor-advisoryx_refsource_FEDORA
- 27824 third-party-advisoryx_refsource_SECUNIA
- 25807 vdb-entryx_refsource_BID
- 26989 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- RHSA-2007:0993 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
…and 9 more