The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a '\0' character, which allows local users to conduct buffer overflow attacks and gain privileges, or possibly obtain sensitive information from kernel memory, via a SOUND_MIXER_SETLEVELS ioctl call.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2011-01-13T18:35:00
Updated: 2024-08-07T03:51:17.231Z
Reserved: 2010-12-09T00:00:00
Link: CVE-2010-4527
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-01-13T19:00:04.243
Modified: 2024-11-21T01:21:08.830
Link: CVE-2010-4527
Redhat