2.1

CVE-2007-4571

EPSS 0.13%
Veröffentlicht 26.09.2007 10:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 32

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 2.6.22.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.329

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/27227

http://www.novell.com/linux/security/advisories/2007_53_kernel.html

http://secunia.com/advisories/27436

http://secunia.com/advisories/27747

http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm

http://www.redhat.com/support/errata/RHSA-2007-0939.html

http://secunia.com/advisories/28626

http://www.debian.org/security/2008/dsa-1479

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600

http://secunia.com/advisories/26918

http://secunia.com/advisories/26980

http://secunia.com/advisories/26989

http://secunia.com/advisories/27101

http://secunia.com/advisories/27824

http://secunia.com/advisories/29054

http://secunia.com/advisories/30769

http://www.debian.org/security/2008/dsa-1505

http://www.redhat.com/support/errata/RHSA-2007-0993.html

http://www.securityfocus.com/bid/25807

http://www.securitytracker.com/id?1018734

http://www.ubuntu.com/usn/usn-618-1

http://www.vupen.com/english/advisories/2007/3272

https://exchange.xforce.ibmcloud.com/vulnerabilities/36780

https://issues.rpath.com/browse/RPL-1761

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html

https://nvd.nist.gov/vuln/detail/CVE-2007-4571

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4571

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4571

EUVD