mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-22 04:03:58 +08:00
82e68f7ffe
snd_seq_oss_synth_make_info() incorrectly reports information to userspace without first checking for the validity of the device number, leading to possible information leak (CVE-2008-3272). Reported-By: Tobias Klein <tk@trapkit.de> Acked-and-tested-by: Takashi Iwai <tiwai@suse.de> Cc: stable@kernel.org Signed-off-by: Willy Tarreau <w@1wt.eu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
---|---|---|
.. | ||
Makefile | ||
seq_oss_device.h | ||
seq_oss_event.c | ||
seq_oss_event.h | ||
seq_oss_init.c | ||
seq_oss_ioctl.c | ||
seq_oss_midi.c | ||
seq_oss_midi.h | ||
seq_oss_readq.c | ||
seq_oss_readq.h | ||
seq_oss_rw.c | ||
seq_oss_synth.c | ||
seq_oss_synth.h | ||
seq_oss_timer.c | ||
seq_oss_timer.h | ||
seq_oss_writeq.c | ||
seq_oss_writeq.h | ||
seq_oss.c |