APPLIED: [CVE-2011-1477] MIDI sequencer overruns
Tim Gardner
rtg.canonical at gmail.com
Thu Feb 2 13:00:47 UTC 2012
On 02/02/2012 03:17 AM, Andy Whitcroft wrote:
> CVE-2011-1477
> Due to a failure to validate user-supplied indexes in the driver
> for Yamaha YM3812 and OPL-3 chips, a specially crafted ioctl
> request may be sent to /dev/sequencer, resulting in reading
> and writing beyond the bounds of heap buffers, and potentially
> allowing privilege escalation.
>
> Fixes for this issue have hit lucid and later via mainline and stable.
> Following this email is a fix for hardy and maverick/ti-omap4, this is a
> simple cherry-pick of the mainline fix.
>
> It should be noted that we do not have OSS enabled in later releases but
> people do use our source to make their own kernels so I am proposing we
> apply it to the one missed release. It is arguable we should not bother
> applying this maverick/ti-omap4.
>
> Proposing for hardy and maverick/ti-omap4.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list