Launchpad.net

CVE 2007-4571

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Related bugs and status

CVE-2007-4571 (Candidate) is related to these bugs:

Bug #26119: Possible fake host protected area (hpa) detected in ide drive causing SectorIdNotFound

		In	Importance	Status
26119	Possible fake host protected area (hpa) detected in ide drive causing SectorIdNotFound	linux-source-2.6.15 (Ubuntu)	Medium	Won't Fix
26119	Possible fake host protected area (hpa) detected in ide drive causing SectorIdNotFound	linux-source-2.6.22 (Ubuntu)	Low	Won't Fix
26119	Possible fake host protected area (hpa) detected in ide drive causing SectorIdNotFound	linux (Ubuntu)	Undecided	Fix Released

Bug #57146: [prism2.5] doesn't associate for network-manager with hostap_cs

		In	Importance	Status
57146	[prism2.5] doesn't associate for network-manager with hostap_cs	linux-source-2.6.17 (Ubuntu)	High	Invalid
57146	[prism2.5] doesn't associate for network-manager with hostap_cs	network-manager (Ubuntu)	Undecided	Invalid
57146	[prism2.5] doesn't associate for network-manager with hostap_cs	linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

Bug #94186: 3c59x - 10/100 NIC fails to link to gigabit switch

		In	Importance	Status
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux-source-2.6.22 (Ubuntu)	Low	Fix Released
94186	3c59x - 10/100 NIC fails to link to gigabit switch	linux (Ubuntu)	Undecided	Fix Released

Bug #125250: Don't recognise USB Pendrive -> sr0: disc change detected.

		In	Importance	Status
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Hardy)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Hardy)	Undecided	Won't Fix
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Intrepid)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Intrepid)	Undecided	Invalid
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux (Ubuntu Jaunty)	Medium	Fix Released
125250	Don't recognise USB Pendrive -> sr0: disc change detected.	linux-source-2.6.20 (Ubuntu Jaunty)	Undecided	Invalid

Bug #125832: [gutsy] orinoco_cs.ko missing

		In	Importance	Status
125832	[gutsy] orinoco_cs.ko missing	linux-source-2.6.22 (Ubuntu)	High	Fix Released
125832	[gutsy] orinoco_cs.ko missing	Ubuntu	Undecided	Invalid
125832	[gutsy] orinoco_cs.ko missing	Ubuntu Studio	Undecided	Fix Released

Bug #128289: VIA southbridge Intel id missing

Summary				In	Importance	Status
	128289	VIA southbridge Intel id missing		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

Bug #132466: Add T-Sinus 111card to hostap_cs driver to be able to upload firmware

Summary				In	Importance	Status
	132466	Add T-Sinus 111card to hostap_cs driver to be able to upload firmware		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

Bug #134123: MT6227 USB to Serial fails to create /dev/ttyACM0

Summary				In	Importance	Status
	134123	MT6227 USB to Serial fails to create /dev/ttyACM0		linux-source-2.6.20 (Ubuntu)	Undecided	Won't Fix
	134123	MT6227 USB to Serial fails to create /dev/ttyACM0		linux-source-2.6.22 (Ubuntu)	Low	Fix Released

Bug #134477: With Gutsy - Nikon cameras need support in unusual_devs.h

		In	Importance	Status
134477	With Gutsy - Nikon cameras need support in unusual_devs.h	linux-source-2.6.22 (Ubuntu)	Medium	Won't Fix
134477	With Gutsy - Nikon cameras need support in unusual_devs.h	linux (Ubuntu)	Undecided	Fix Released
134477	With Gutsy - Nikon cameras need support in unusual_devs.h	Launchpad itself	Undecided	Invalid

Bug #135316: Marvell Technology ethernet card not recognized and not operational

Summary				In	Importance	Status
	135316	Marvell Technology ethernet card not recognized and not operational		linux-source-2.6.22 (Ubuntu)	High	Fix Released

Bug #139047: -xen kernel does not contain smbfs

Summary				In	Importance	Status
	139047	-xen kernel does not contain smbfs		linux-source-2.6.22 (Ubuntu)	Low	Fix Released

Bug #139079: kernel 2.6.22-11 fails to resume drive correctly

Summary				In	Importance	Status
	139079	kernel 2.6.22-11 fails to resume drive correctly		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

Bug #139767: [patch] agp for i830m broken in gutsy, works in feisty

Summary				In	Importance	Status
	139767	[patch] agp for i830m broken in gutsy, works in feisty		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released
	139767	[patch] agp for i830m broken in gutsy, works in feisty		linux-source-2.6.20 (Ubuntu)	High	Won't Fix

Bug #140761: Ubuntu 7.10 Alpha Gust OS does not recognize a lun with non zero target id on Vmware ESX Server

Summary				In	Importance	Status
	140761	Ubuntu 7.10 Alpha Gust OS does not recognize a lun with non zero target id on Vmware ESX Server		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

Bug #144336: ACPI acpi_scan_rsdp() breaks some PCs by not honouring ACPI specification

Summary				In	Importance	Status
	144336	ACPI acpi_scan_rsdp() breaks some PCs by not honouring ACPI specification		linux-source-2.6.22 (Ubuntu)	High	Fix Released

Bug #145857: [gutsy] thinkpad_acpi oops on thinkpad t22

Summary				In	Importance	Status
	145857	[gutsy] thinkpad_acpi oops on thinkpad t22		acpi-support (Ubuntu)	Undecided	Invalid
	145857	[gutsy] thinkpad_acpi oops on thinkpad t22		linux-source-2.6.22 (Ubuntu)	High	Fix Released

Bug #146311: VM86 not enabled for LPIA

Summary				In	Importance	Status
	146311	VM86 not enabled for LPIA		linux-source-2.6.22 (Ubuntu)	High	Fix Released

Bug #147383: T61 is not in the whitelist for hdaps

Summary				In	Importance	Status
	147383	T61 is not in the whitelist for hdaps		linux-source-2.6.22 (Ubuntu)	Medium	Won't Fix
	147383	T61 is not in the whitelist for hdaps		linux (Ubuntu)	Undecided	Fix Released

Bug #148055: Thinkpad-acpi controls backlight poorly on new Thinkpads, prevents maximum brightness

Summary				In	Importance	Status
	148055	Thinkpad-acpi controls backlight poorly on new Thinkpads, prevents maximum brightness		linux-source-2.6.22 (Ubuntu)	Low	Fix Released

Bug #148219: No locking in ACPI hotswap code

Summary				In	Importance	Status
	148219	No locking in ACPI hotswap code		linux-source-2.6.22 (Ubuntu)	High	Fix Released

Bug #182716: bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.

		In	Importance	Status
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Ubuntu)	Medium	Fix Released
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Ubuntu	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	Linux	Undecided	Invalid
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Mandriva)	Undecided	New
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux-source-2.6.22 (Ubuntu)	Undecided	Won't Fix
182716	bcm4306, bcm4309, bcm4311, bcm4312 with b43 : Authentication with AP doesn't work.	linux (Baltix)	Undecided	New

Bug #187275: [linux-source] several local vulnerabilities

Summary				In	Importance	Status
	187275	[linux-source] several local vulnerabilities		linux (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-4571

Related bugs and status

Related bugs

References