sound/core/timer.c in the Linux kernel up to and including 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 16.04 |
||
debian debian linux 8.0 |
||
redhat enterprise linux server tus 7.3 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server eus 7.3 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server eus 7.4 |
||
redhat enterprise linux server eus 7.5 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server aus 7.3 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux desktop 7.0 |
||
opensuse opensuse 13.1 |
||
opensuse leap 42.1 |