** Description changed: - Specially crafted requests may be written to /dev/sequencer resulting in - an underflow when calculating a size for a copy_from_user() operation in - the driver for MIDI interfaces. On x86, this just returns an error, but - it may cause memory corruption on other architectures. Other malformed - requests may result in the use of uninitialized variables. + Integer underflow in the Open Sound System (OSS) subsystem in the Linux + kernel before 2.6.39 on unspecified non-x86 platforms allows local users + to cause a denial of service (memory corruption) by leveraging write + access to /dev/sequencer. Break-Fix: - b769f49463711205d57286e64cf535ed4daf59e9
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/925337 Title: CVE-2011-1476 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925337/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
