2.1
CVE-2007-4571
- EPSS 0.76%
- Veröffentlicht 26.09.2007 10:17:00
- Zuletzt bearbeitet 16.06.2026 22:44:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 2.6.22.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.76% | 0.505 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/27227
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://secunia.com/advisories/28626
http://www.debian.org/security/2008/dsa-1479
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
http://secunia.com/advisories/26918
http://secunia.com/advisories/26980
http://secunia.com/advisories/26989
http://secunia.com/advisories/27101
http://secunia.com/advisories/27824
http://secunia.com/advisories/29054
http://secunia.com/advisories/30769
http://www.debian.org/security/2008/dsa-1505
http://www.redhat.com/support/errata/RHSA-2007-0993.html
http://www.securityfocus.com/bid/25807
http://www.securitytracker.com/id?1018734
http://www.ubuntu.com/usn/usn-618-1
http://www.vupen.com/english/advisories/2007/3272
https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
https://issues.rpath.com/browse/RPL-1761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html