Vigil@nce - Linux kernel: information disclosure via snd_timer_user_read
June 2017 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can read a memory fragment via
snd_timer_user_read() of the Linux kernel, in order to get
sensitive information.
– Impacted products: Linux, openSUSE Leap.
– Severity: 1/4.
– Creation date: 13/06/2017.
DESCRIPTION OF THE VULNERABILITY
In the Linux kernel, the ALSA subsystem manages sound devices.
However, the function snd_timer_user_read does not initialize a
memory area before returning it to the user in an ioctl call.
A local attacker can therefore read a memory fragment via
snd_timer_user_read() of the Linux kernel, in order to get
sensitive information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-via-snd-timer-user-read-22954