Security Advisory

CVE-2010-4527

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-01-13 18:35:00

Last updated 2024-08-07 03:51:17

Assigner redhat

State PUBLISHED

Description

The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a 0 character, which allows local users to conduct buffer overflow attacks and gain privileges, or possibly obtain sensitive information from kernel memory, via a SOUND_MIXER_SETLEVELS ioctl call.

← Browse all CVEs View on cve.org ↗