Описание
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.6.27-2.3 |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 2.6.24-19.41 |
| upstream | released | 2.6.27~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.6.15-52.71 |
| devel | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| upstream | released | 2.6.27~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | released | 2.6.20-17.39 |
| gutsy | DNE | |
| hardy | DNE | |
| upstream | released | 2.6.27~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | released | 2.6.22-15.58 |
| hardy | DNE | |
| upstream | released | 2.6.27~rc2 |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss ...
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
2.1 Low
CVSS2