CVE-2007-4571
Linux Kernel < 2.6.22.8 - Information Disclosure via ALSA snd_mem_proc_read
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-4571. PoCs published by Karimo_DM.
AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in the Linux kernel's ALSA snd-page-alloc driver. It reads kernel memory by exploiting a boundary check failure when count=1, leaking sensitive data.
Description
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Karimo_DM · clocallinux
https://www.exploit-db.com/exploits/30605
This exploit demonstrates an information disclosure vulnerability in the Linux kernel's ALSA snd-page-alloc driver. It reads kernel memory by exploiting a boundary check failure when count=1, leaking sensitive data.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Linux Kernel (versions prior to 2.4.35.3 and 2.6.22.7)
No auth needed
Prerequisites:
Local access to the system · Presence of /proc/driver/snd-page-alloc
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (29)
Core 29
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27747
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27227
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Patch x_refsource_confirm
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018734
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-618-1
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0939.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3272
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28626
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29054
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1479
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27824
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25807
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26989
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
Various Sources x_refsource_confirm
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0993.html
Issue Tracking x_refsource_confirm
https://issues.rpath.com/browse/RPL-1761
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26980
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1505
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
Third Party Advisory third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30769
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27101
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27436
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26918
Scores
EPSS
0.0076
EPSS Percentile
50.5%
Details
Status
published
Products (1)
linux/linux_kernel
< 2.6.22.7
Published
Sep 26, 2007
Tracked Since
Feb 18, 2026