Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
BID:12325
Info
Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
| Bugtraq ID: | 12325 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 20 2005 12:00AM |
| Updated: | Jan 20 2005 12:00AM |
| Credit: | Announced in a Fedora update. |
| Vulnerable: |
ALSA alsa-lib 1.0.6 |
| Not Vulnerable: | |
Discussion
Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
The Advanced Linux Sound Architecture (ALSA) library contains a weakness that disables stack protection schemes for its children.
If a child application of the ALSA library contains an exploitable stack overflow, it will not be protected against by any stack protection schemes that may be in place, potentially allowing arbitrary code to be executed on the computer.
The Advanced Linux Sound Architecture (ALSA) library contains a weakness that disables stack protection schemes for its children.
If a child application of the ALSA library contains an exploitable stack overflow, it will not be protected against by any stack protection schemes that may be in place, potentially allowing arbitrary code to be executed on the computer.
Exploit / POC
Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
Solution:
Fedora has released an advisory (FEDORA-2005-042) and fixes for this issue. See the referenced advisory for information on obtaining fixes.
ALSA alsa-lib 1.0.6
Solution:
Fedora has released an advisory (FEDORA-2005-042) and fixes for this issue. See the referenced advisory for information on obtaining fixes.
ALSA alsa-lib 1.0.6
-
Fedora alsa-lib-1.0.6-7.FC3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora alsa-lib-1.0.6-7.FC3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora alsa-lib-debuginfo-1.0.6-7.FC3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora alsa-lib-debuginfo-1.0.6-7.FC3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora alsa-lib-devel-1.0.6-7.FC3.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ -
Fedora alsa-lib-devel-1.0.6-7.FC3.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
References
Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
References:
References: