Buffer overflow in Linux kernel - CVE-2007-4571
Published: September 26, 2007 / Updated: July 3, 2024
Vulnerability identifier: #VU93726
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2007-4571
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to gain access to sensitive information.
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
How to mitigate CVE-2007-4571
Install update from vendor's website.
Sources
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
- https://issues.rpath.com/browse/RPL-1761
- http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
- https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
- http://www.redhat.com/support/errata/RHSA-2007-0939.html
- http://www.redhat.com/support/errata/RHSA-2007-0993.html
- http://www.novell.com/linux/security/advisories/2007_53_kernel.html
- http://www.securityfocus.com/bid/25807
- http://www.securitytracker.com/id?1018734
- http://secunia.com/advisories/26918
- http://secunia.com/advisories/26989
- http://secunia.com/advisories/26980
- http://secunia.com/advisories/27101
- http://secunia.com/advisories/27436
- http://secunia.com/advisories/27227
- http://secunia.com/advisories/27747
- http://secunia.com/advisories/27824
- http://www.debian.org/security/2008/dsa-1479
- http://secunia.com/advisories/28626
- http://www.debian.org/security/2008/dsa-1505
- http://secunia.com/advisories/29054
- http://secunia.com/advisories/30769
- http://www.ubuntu.com/usn/usn-618-1
- http://www.vupen.com/english/advisories/2007/3272
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212