Home > Vulnerability Database > CVE-2007-4571

Mend.io Vulnerability Database

CVE-2007-4571

Date: September 26, 2007

The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc.

Severity Score

4.0

Related Resources (33)

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccec6e2c4a74adf76ed4e2478091a311b1806212

Url: http://www.redhat.com/support/errata/RHSA-2007-0993.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9053

Url: http://www.securityfocus.com/bid/25807

Url: https://issues.rpath.com/browse/RPL-1761

Url: http://secunia.com/advisories/26989

Url: https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00083.html

Url: http://secunia.com/advisories/28626

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-4571

Url: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600

Url: http://secunia.com/advisories/26980

Url: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00436.html

Url: http://secunia.com/advisories/27436

Url: http://www.ubuntu.com/usn/usn-618-1

Url: http://www.debian.org/security/2008/dsa-1505

Url: http://secunia.com/advisories/29054

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/36780

Url: http://www.vupen.com/english/advisories/2007/3272

Url: http://www.securitytracker.com/id?1018734

Url: http://secunia.com/advisories/26918

Url: https://access.redhat.com/security/cve/CVE-2007-4571

Url: http://secunia.com/advisories/27747

Url: http://www.debian.org/security/2008/dsa-1479

Url: http://secunia.com/advisories/27824

Url: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8

Url: http://secunia.com/advisories/30769

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-4571

Url: http://www.novell.com/linux/security/advisories/2007_53_kernel.html

Url: http://www.redhat.com/support/errata/RHSA-2007-0939.html

Url: http://secunia.com/advisories/27101

Url: http://secunia.com/advisories/27227

Url: https://www.mend.io/vulnerability-database/CVE-2007-4571

Severity Score

4.0

CVSS v3.1

Base Score:	4.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	2.1
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-4571

Date: September 26, 2007

Severity Score

Related Resources (33)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?