{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2007-4571", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "n/a", "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "http://secunia.com/advisories/30769", "refsource": "MISC", "name": "http://secunia.com/advisories/30769" }, { "url": "http://www.ubuntu.com/usn/usn-618-1", "refsource": "MISC", "name": "http://www.ubuntu.com/usn/usn-618-1" }, { "url": "http://secunia.com/advisories/27227", "refsource": "MISC", "name": "http://secunia.com/advisories/27227" }, { "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html", "refsource": "MISC", "name": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html" }, { "url": "http://secunia.com/advisories/27436", "refsource": "MISC", "name": "http://secunia.com/advisories/27436" }, { "url": "http://secunia.com/advisories/27747", "refsource": "MISC", "name": "http://secunia.com/advisories/27747" }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm", "refsource": "MISC", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm" }, { "url": "http://www.redhat.com/support/errata/RHSA-2007-0939.html", "refsource": "MISC", "name": "http://www.redhat.com/support/errata/RHSA-2007-0939.html" }, { "url": "http://secunia.com/advisories/27824", "refsource": "MISC", "name": "http://secunia.com/advisories/27824" }, { "url": "http://www.redhat.com/support/errata/RHSA-2007-0993.html", "refsource": "MISC", "name": "http://www.redhat.com/support/errata/RHSA-2007-0993.html" }, { "url": "http://secunia.com/advisories/28626", "refsource": "MISC", "name": "http://secunia.com/advisories/28626" }, { "url": "http://www.debian.org/security/2008/dsa-1479", "refsource": "MISC", "name": "http://www.debian.org/security/2008/dsa-1479" }, { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212", "refsource": "MISC", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212" }, { "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8", "refsource": "MISC", "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8" }, { "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600", "refsource": "MISC", "name": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600" }, { "url": "http://secunia.com/advisories/26918", "refsource": "MISC", "name": "http://secunia.com/advisories/26918" }, { "url": "http://secunia.com/advisories/26980", "refsource": "MISC", "name": "http://secunia.com/advisories/26980" }, { "url": "http://secunia.com/advisories/26989", "refsource": "MISC", "name": "http://secunia.com/advisories/26989" }, { "url": "http://secunia.com/advisories/27101", "refsource": "MISC", "name": "http://secunia.com/advisories/27101" }, { "url": "http://secunia.com/advisories/29054", "refsource": "MISC", "name": "http://secunia.com/advisories/29054" }, { "url": "http://www.debian.org/security/2008/dsa-1505", "refsource": "MISC", "name": "http://www.debian.org/security/2008/dsa-1505" }, { "url": "http://www.securityfocus.com/bid/25807", "refsource": "MISC", "name": "http://www.securityfocus.com/bid/25807" }, { "url": "http://www.securitytracker.com/id?1018734", "refsource": "MISC", "name": "http://www.securitytracker.com/id?1018734" }, { "url": "http://www.vupen.com/english/advisories/2007/3272", "refsource": "MISC", "name": "http://www.vupen.com/english/advisories/2007/3272" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36780", "refsource": "MISC", "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36780" }, { "url": "https://issues.rpath.com/browse/RPL-1761", "refsource": "MISC", "name": "https://issues.rpath.com/browse/RPL-1761" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053", "refsource": "MISC", "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html", "refsource": "MISC", "name": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html", "refsource": "MISC", "name": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html" } ] } }