SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Linux)  >   Linux Kernel Vendors:   kernel.org
Linux Kernel C-Media PCI Audio Driver Does Not Properly Access Userspace Data
SecurityTracker Alert ID:  1007556
SecurityTracker URL:  http://securitytracker.com/id/1007556
CVE Reference:   CVE-2003-0699   (Links to External Site)
Date:  Aug 22 2003
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.4, prior to 2.4.21
Description:   A vulnerability was reported in the Linux kernel in the C-Media PCI sound driver. The driver does not properly separate userspace and kernel space data.

It is reported that 'cmpci.c' accesses some userspace arguments without using the get_user() function to copy the userspace data to kernel space.

No specific exploit method was described.

Impact:   No specific impact was reported. It may (theoretically) be possible for a local user to execute arbitrary code with kernel level privileges or to read kernel data.
Solution:   The vendor has released a fixed version (2.4.21) of the Linux kernel.
Vendor URL:  www.kernel.org/ (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents

Subject:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0699



 > CVE:  CAN-2003-0699

 > The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user
 > function to access userspace, which crosses security boundaries and may
 > facilitate the exploitation of vulnerabilities.

-----

 > RHSA-2003:198-16

 > The C-Media PCI sound driver in unpatched kernel versions prior to 2.4.21
 > accesses userspace without using the get_user function, which is a
 > potential security hole. The Common Vulnerabilities and Exposures project
 > (cve.mitre.org) has assigned the name CAN-2003-0699 to this issue.

-----

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC