FKIE_CVE-2007-4571

Vulnerability from fkie_nvd - Published: 2007-09-26 10:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
References
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
secalert@redhat.comhttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
secalert@redhat.comhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
secalert@redhat.comhttp://secunia.com/advisories/26918
secalert@redhat.comhttp://secunia.com/advisories/26980
secalert@redhat.comhttp://secunia.com/advisories/26989
secalert@redhat.comhttp://secunia.com/advisories/27101
secalert@redhat.comhttp://secunia.com/advisories/27227
secalert@redhat.comhttp://secunia.com/advisories/27436
secalert@redhat.comhttp://secunia.com/advisories/27747
secalert@redhat.comhttp://secunia.com/advisories/27824
secalert@redhat.comhttp://secunia.com/advisories/28626
secalert@redhat.comhttp://secunia.com/advisories/29054
secalert@redhat.comhttp://secunia.com/advisories/30769
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1479
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1505
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2007_53_kernel.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-0939.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-0993.html
secalert@redhat.comhttp://www.securityfocus.com/bid/25807
secalert@redhat.comhttp://www.securitytracker.com/id?1018734
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-618-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/3272
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36780
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-1761
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
af854a3a-2127-422b-91ae-364da2661108http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26918
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26980
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26989
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27101
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27227
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27747
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27824
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28626
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29054
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30769
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1479
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1505
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2007_53_kernel.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0939.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0993.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25807
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018734
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-618-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3272
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1761
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
Impacted products
Vendor Product Version
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F643C88B-345A-4F61-9B41-000610031748",
              "versionEndIncluding": "2.6.22.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n snd_mem_proc_read en sound/core/memalloc.c de Advanced Linux Sound Architecture (ALSA) en el n\u00facleo de Linux anterior a 2.6.22.8 no devuelve el tama\u00f1o de escritura correcto, lo cual permite a usuarios locales obtener informaci\u00f3n sensible (contenidos de la memoria del n\u00facleo) mediante un argumento de cuenta peque\u00f1o, como ha sido demostrado mediante m\u00faltiples lecturas de /proc/driver/snd-page-alloc."
    }
  ],
  "id": "CVE-2007-4571",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-26T10:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26918"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26980"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26989"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27101"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27227"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27436"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28626"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30769"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1479"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1505"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0939.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0993.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/25807"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1018734"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-618-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/3272"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1761"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26980"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1505"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0939.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0993.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25807"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-618-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1 or 3.",
      "lastModified": "2007-10-18T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.