Bug 193796 - ALSA snd_mem_proc_read() Information Disclosure (CVE-2007-4571)
Summary: ALSA snd_mem_proc_read() Information Disclosure (CVE-2007-4571)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://labs.idefense.com/intelligence...
Whiteboard: [linux < 2.6.22.8][genpatches < 2.6.2...
Keywords:
Depends on:
Blocks:
 
Reported: 2007-09-25 21:27 UTC by Robert Buchholz (RETIRED)
Modified: 2013-09-03 03:20 UTC

See Also:
Package list:
Runtime testing required: ---


Description Robert Buchholz (RETIRED) gentoo-dev 2007-09-25 21:27:37 UTC
Local exploitation of an information disclosure vulnerability within the ALSA driver included in the Linux Kernel allows attackers to obtain sensitive information from kernel memory.

The problem lies within the handling of multiple reads from the "/proc/driver/snd-page-alloc" file. The kernel-side function that handles the read system call, "snd_mem_proc_read", is defined in sound/core/memalloc.c.

The fix is available with 2.6.22.8 or in this commit:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
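
A host triage check for the issue described above, as an added example that is not part of the original bug report or of any Gentoo tooling. It compares a kernel release against the fixed upstream version 2.6.22.8 and reports whether the proc file named in the description is present and readable by unprivileged users. The function names are hypothetical, and the version test assumes upstream numbering only (a distribution kernel may carry a backported fix).

```shell
#!/bin/sh
# Added example: triage a host for CVE-2007-4571 (not code from the bug report).
# Assumption: upstream version numbering; backported fixes are not detected.

FIXED_VERSION="2.6.22.8"                  # from the bug: fix is in 2.6.22.8
PROC_FILE="/proc/driver/snd-page-alloc"   # file named in the description

# Reduce a release string such as "2.6.22-gentoo-r5" to "2.6.22".
numeric_version() {
    printf '%s\n' "$1" | sed 's/^\([0-9][0-9.]*\).*/\1/; s/\.$//'
}

# Return 0 if version $1 is strictly older than version $2.
version_lt() {
    a=$(numeric_version "$1"); b=$(numeric_version "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}            # leading component, missing = 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1                              # equal versions are not "older"
}

# Print "affected" or "fixed" for a kernel release, by upstream version.
classify_kernel() {
    if version_lt "$1" "$FIXED_VERSION"; then echo affected; else echo fixed; fi
}

# Print "absent", "world-readable" or "restricted" for the proc file.
proc_file_exposure() {
    f=${1:-$PROC_FILE}
    [ -e "$f" ] || { echo absent; return 0; }
    # Character 8 of the ls mode string is the read bit for "others".
    case $(ls -ld "$f" | cut -c8) in
        r) echo world-readable ;;
        *) echo restricted ;;
    esac
}

printf 'kernel %s: %s; %s: %s\n' "$(uname -r)" \
    "$(classify_kernel "$(uname -r)")" "$PROC_FILE" "$(proc_file_exposure)"
```

A result of "affected" together with "world-readable" marks a host where the kernel should be updated to 2.6.22.8 or later first.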
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-09-26 06:24:51 UTC
Are the external drivers affected too?
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-09-26 06:25:27 UTC
Never mind, I didn't see the other bug, and sorry for the bugspam.