CVE-2007-4571

NONECVSS 0.0

0.0

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

🔗 References (58)

secalert@redhathttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
secalert@redhathttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
secalert@redhathttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
secalert@redhathttp://secunia.com/advisories/26918
secalert@redhathttp://secunia.com/advisories/26980
secalert@redhathttp://secunia.com/advisories/26989
secalert@redhathttp://secunia.com/advisories/27101
secalert@redhathttp://secunia.com/advisories/27227
secalert@redhathttp://secunia.com/advisories/27436
secalert@redhathttp://secunia.com/advisories/27747
secalert@redhathttp://secunia.com/advisories/27824
secalert@redhathttp://secunia.com/advisories/28626
secalert@redhathttp://secunia.com/advisories/29054
secalert@redhathttp://secunia.com/advisories/30769
secalert@redhathttp://support.avaya.com/elmodocs2/security/ASA-2007-474.htm

Is Your Infrastructure Affected by CVE-2007-4571?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-4571

📅 Published

🔄 Last Modified

🔗 References (58)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-4571?