Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel allows attackers to obtain sensitive information from kernel memory. The problem lies within the handling of multiple reads from the "/proc/driver/snd-page-alloc" file. The kernel side function that handles the read system call, "snd_mem_proc_read", is defined in sound/core/memalloc.c The fix is available with 2.6.22.8 or in this commit: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
Are the external drivers affected too?
Nevermind I didn't see the other bug and sorry for the bugspam.