Lucene search

K
cvelistRedhatCVELIST:CVE-2008-3272
HistoryAug 08, 2008 - 6:12 p.m.

CVE-2008-3272

2008-08-0818:12:00
redhat
www.cve.org
7

AI Score

5.7

Confidence

High

EPSS

0

Percentile

10.1%

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.

References