Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 193796
Alias:
Product:
Component:
Status: NEW
Resolution:
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 193796 depends on: Show dependency tree
Bug 193796 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.








View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-09-25 21:27 0000 
Local exploitation of an information disclosure vulnerability within the ALSA
driver included in the Linux Kernel allows attackers to obtain sensitive
information from kernel memory.

The problem lies within the handling of multiple reads from the
"/proc/driver/snd-page-alloc" file. The kernel side function that handles the
read system call, "snd_mem_proc_read", is defined in sound/core/memalloc.c 

The fix is available with 2.6.22.8 or in this commit:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212

------- Comment #1 From Sune Kloppenborg Jeppesen 2007-09-26 06:24:51 0000 ------- 
Are the external drivers affected too?

------- Comment #2 From Sune Kloppenborg Jeppesen 2007-09-26 06:25:27 0000 ------- 
Nevermind I didn't see the other bug and sorry for the bugspam.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug