CVE-2007-4571

N/A Unknown
Published: September 26, 2007 Modified: April 23, 2026
View on NVD

Description

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
Source: secalert@redhat.com
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
Source: secalert@redhat.com
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
Source: secalert@redhat.com
http://secunia.com/advisories/26918
Source: secalert@redhat.com
http://secunia.com/advisories/26980
Source: secalert@redhat.com
http://secunia.com/advisories/26989
Source: secalert@redhat.com
http://secunia.com/advisories/27101
Source: secalert@redhat.com
http://secunia.com/advisories/27227
Source: secalert@redhat.com
http://secunia.com/advisories/27436
Source: secalert@redhat.com
http://secunia.com/advisories/27747
Source: secalert@redhat.com
http://secunia.com/advisories/27824
Source: secalert@redhat.com
http://secunia.com/advisories/28626
Source: secalert@redhat.com
http://secunia.com/advisories/29054
Source: secalert@redhat.com
http://secunia.com/advisories/30769
Source: secalert@redhat.com
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
Source: secalert@redhat.com
http://www.debian.org/security/2008/dsa-1479
Source: secalert@redhat.com
http://www.debian.org/security/2008/dsa-1505
Source: secalert@redhat.com
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0939.html
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2007-0993.html
Source: secalert@redhat.com
http://www.securityfocus.com/bid/25807
Source: secalert@redhat.com
http://www.securitytracker.com/id?1018734
Source: secalert@redhat.com
http://www.ubuntu.com/usn/usn-618-1
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2007/3272
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
Source: secalert@redhat.com
https://issues.rpath.com/browse/RPL-1761
Source: secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
Source: secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
Source: secalert@redhat.com
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212
Source: af854a3a-2127-422b-91ae-364da2661108
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
Source: af854a3a-2127-422b-91ae-364da2661108
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26918
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26980
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26989
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/27101
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/27227
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/27436
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/27747
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/27824
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/28626
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/29054
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/30769
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1479
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1505
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0939.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2007-0993.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/25807
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1018734
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-618-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/3272
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/36780
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-1761
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html
Source: af854a3a-2127-422b-91ae-364da2661108

58 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.8%
51th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

linux