{ "schema_version": "1.4.0", "id": "GHSA-6cf8-wrcg-w8rr", "modified": "2022-05-01T18:24:57Z", "published": "2022-05-01T18:24:57Z", "aliases": [ "CVE-2007-4571" ], "details": "The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4571" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36780" }, { "type": "WEB", "url": "https://issues.rpath.com/browse/RPL-1761" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html" }, { "type": "WEB", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212" }, { "type": "WEB", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212" }, { "type": "WEB", "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8" }, { "type": "WEB", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600" }, { "type": "WEB", "url": "http://secunia.com/advisories/26918" }, { "type": "WEB", "url": "http://secunia.com/advisories/26980" }, { "type": "WEB", "url": "http://secunia.com/advisories/26989" }, { "type": "WEB", "url": "http://secunia.com/advisories/27101" }, { "type": "WEB", "url": "http://secunia.com/advisories/27227" }, { "type": "WEB", "url": "http://secunia.com/advisories/27436" }, { "type": "WEB", "url": "http://secunia.com/advisories/27747" }, { "type": "WEB", "url": "http://secunia.com/advisories/27824" }, { "type": "WEB", "url": "http://secunia.com/advisories/28626" }, { "type": "WEB", "url": "http://secunia.com/advisories/29054" }, { "type": "WEB", "url": "http://secunia.com/advisories/30769" }, { "type": "WEB", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm" }, { "type": "WEB", "url": "http://www.debian.org/security/2008/dsa-1479" }, { "type": "WEB", "url": "http://www.debian.org/security/2008/dsa-1505" }, { "type": "WEB", "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2007-0939.html" }, { "type": "WEB", "url": "http://www.redhat.com/support/errata/RHSA-2007-0993.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/25807" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1018734" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/usn-618-1" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2007/3272" } ], "database_specific": { "cwe_ids": [], "severity": "LOW", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2007-09-26T10:17:00Z" } }