2.1

CVE-2007-4571

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.22.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.76% 0.505
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/27227
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
http://secunia.com/advisories/27436
http://secunia.com/advisories/27747
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
http://www.redhat.com/support/errata/RHSA-2007-0939.html
http://secunia.com/advisories/28626
http://www.debian.org/security/2008/dsa-1479
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
http://secunia.com/advisories/26918
http://secunia.com/advisories/26980
http://secunia.com/advisories/26989
http://secunia.com/advisories/27101
http://secunia.com/advisories/27824
http://secunia.com/advisories/29054
http://secunia.com/advisories/30769
http://www.debian.org/security/2008/dsa-1505
http://www.redhat.com/support/errata/RHSA-2007-0993.html
http://www.securityfocus.com/bid/25807
http://www.securitytracker.com/id?1018734
http://www.ubuntu.com/usn/usn-618-1
http://www.vupen.com/english/advisories/2007/3272
https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
https://issues.rpath.com/browse/RPL-1761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html