Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
BID:12575
Info
Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
| Bugtraq ID: | 12575 |
| Class: | Unknown |
| CVE: |
CVE-2005-0087 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 16 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | This weakness was announced in a vendor advisory. |
| Vulnerable: |
Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux AS 4 Redhat Enterprise Linux Desktop version 4 ALSA alsa-lib 1.0.6 |
| Not Vulnerable: | |
Discussion
Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
A security weakness is reported to affect the Advanced Linux Sound Architecture (ALSA) 'libasound.so' module; specifically the issue is reported to be present in the ALSA mixer code. It is reported that the weakness can be leveraged to disable stack-based memory code execution protection on binaries that are linked to the library.
A security weakness is reported to affect the Advanced Linux Sound Architecture (ALSA) 'libasound.so' module; specifically the issue is reported to be present in the ALSA mixer code. It is reported that the weakness can be leveraged to disable stack-based memory code execution protection on binaries that are linked to the library.
Exploit / POC
Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
Solution:
Red Hat has released advisory RHSA-2005:033-01 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
Solution:
Red Hat has released advisory RHSA-2005:033-01 and fixes to address this issue on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
References
Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
References:
References: