[CVE-2011-1477] MIDI sequencer overruns
Andy Whitcroft
apw at canonical.com
Thu Feb 2 10:17:13 UTC 2012
CVE-2011-1477
Due to a failure to validate user-supplied indexes in the driver
for Yamaha YM3812 and OPL-3 chips, a specially crafted ioctl
request may be sent to /dev/sequencer, resulting in reading
and writing beyond the bounds of heap buffers, and potentially
allowing privilege escalation.
Fixes for this issue have hit lucid and later via mainline and stable.
Following this email is a fix for hardy and maverick/ti-omap4, this is a
simple cherry-pick of the mainline fix.
It should be noted that we do not have OSS enabled in later releases but
people do use our source to make their own kernels so I am proposing we
apply it to the one missed release. It is arguable we should not bother
applying this maverick/ti-omap4.
Proposing for hardy and maverick/ti-omap4.
-apw
More information about the kernel-team
mailing list