CVE-2007-4571

ALSA <2.6.22.8 - Info Disclosure

Title source: llm

Description

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Karimo_DM · clocallinux

https://www.exploit-db.com/exploits/30605

View Code ZIP pw:eip

References (29)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212

[Various Sources] http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8

[Vendor Advisory] http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0939.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2007-0993.html

[Vendor Advisory] http://www.ubuntu.com/usn/usn-618-1

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36780

[Issue Tracking] https://issues.rpath.com/browse/RPL-1761

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053

[Vendor Advisory] https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html

[Vendor Advisory] https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2007_53_kernel.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25807

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1479

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1505

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018734

[Third Party Advisory] http://secunia.com/advisories/26918

[Third Party Advisory] http://secunia.com/advisories/26980

[Third Party Advisory] http://secunia.com/advisories/26989

[Third Party Advisory] http://secunia.com/advisories/27101

... and 9 more

Scores

EPSS 0.0015

EPSS Percentile 35.2%

Classification

Status draft

Affected Products (1)

linux/linux_kernel < 2.6.22.7

Timeline

Published Sep 26, 2007

Tracked Since Feb 18, 2026