Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-4571
HistorySep 26, 2007 - 12:00 a.m.

CVE-2007-4571

2007-09-2600:00:00
ubuntu.com
ubuntu.com
13

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced
Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does
not return the correct write size, which allows local users to obtain
sensitive information (kernel memory contents) via a small count argument,
as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Bugs

Notes

Author Note
jdstrand kernel-sec has ‘ignored (2.6.18.dfsg.1-13etch3)’
kees ABI changer – will roll this out when a more serious ABI change comes in
OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-52.67UNKNOWN
ubuntu7.04noarchlinux-source-2.6.20< 2.6.20-17.36UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22< 2.6.22-12.39UNKNOWN

Related

seebug 2
osv 2
prion 1
openvas 15
securityvulns 1
nessus 17
fedora 2
exploitpack 1
veracode 1
cve 1
debian 2
exploitdb 1
oraclelinux 2
redhat 2
ubuntu 1
centos 1
suse 1
seebug
seebug
Linux Kernel 2.6.x ALSA snd-page-alloc Local Proc File Information Disclosure Vulnerability
2014-07-01 00:00:00
Linux Kernel ALSA驱动snd-page-alloc本地Proc文件信息泄露漏洞
2007-09-27 00:00:00
osv
osv
alsa-driver alsa-modules-i386 - kernel memory leak
2008-02-22 00:00:00
linux-2.6
2008-01-29 00:00:00
prion
prion
Code injection
2007-09-26 10:17:00
openvas
openvas
Debian Security Advisory DSA 1505-1 (alsa-driver)
2008-02-28 00:00:00
Fedora Update for kernel FEDORA-2007-714
2009-02-27 00:00:00
Fedora Update for kernel FEDORA-2007-2349
2009-02-27 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 09.25.07: Linux Kernel ALSA snd_mem_proc_read Information Disclosure Vulnerability
2007-09-26 00:00:00
nessus
nessus
Fedora Core 6 : kernel-2.6.22.9-61.fc6 (2007-714)
2007-10-09 00:00:00
Debian DSA-1505-1 : alsa-driver - kernel memory leak
2008-02-25 00:00:00
Fedora 7 : kernel-2.6.22.9-91.fc7 (2007-2349)
2007-11-06 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: kernel-2.6.22.9-91.fc7
2007-09-28 21:24:04
[SECURITY] Fedora Core 6 Update: kernel-2.6.22.9-61.fc6
2007-10-08 13:50:41
exploitpack
exploitpack
Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure
2007-09-21 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:21:59
cve
cve
CVE-2007-4571
2007-09-26 10:17:00
debian
debian
[SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak
2008-02-22 22:03:09
[SECURITY] [DSA 1479-1] New Linux 2.6.18 packages fix several vulnerabilities
2008-01-29 18:04:31
exploitdb
exploitdb
Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure
2007-09-21 00:00:00
oraclelinux
oraclelinux
Important: kernel security update
2007-11-30 00:00:00
Important: kernel security update
2007-11-02 00:00:00
redhat
redhat
(RHSA-2007:0993) Important: kernel security update
2007-11-29 00:00:00
(RHSA-2007:0939) Important: kernel security update
2007-11-01 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2008-06-19 00:00:00
centos
centos
kernel security update
2007-11-03 02:32:41
suse
suse
local privilege escalation in kernel
2007-10-12 16:04:36

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON
Related for UB:CVE-2007-4571
seebug2osv2prion1openvas15securityvulns1nessus17fedora2exploitpack1veracode1cve1debian2exploitdb1oraclelinux2redhat2ubuntu1centos1suse1