Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-4527
Description:The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a '\0' character, which allows local users to conduct buffer overflow attacks and gain privileges, or possibly obtain sensitive information from kernel memory, via a SOUND_MIXER_SETLEVELS ioctl call.
Test IDs: 1.3.6.1.4.1.25623.1.0.68992   1.3.6.1.4.1.25623.1.0.69885  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-4527
BugTraq ID: 45629
http://www.securityfocus.com/bid/45629
http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/
http://openwall.com/lists/oss-security/2010/12/31/1
http://openwall.com/lists/oss-security/2010/12/31/4
http://secunia.com/advisories/42765
http://secunia.com/advisories/43291
SuSE Security Announcement: SUSE-SA:2011:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
http://www.vupen.com/english/advisories/2011/0375




© 1998-2022 E-Soft Inc. All rights reserved.