blob: 3594c976e247bff5d28de71d926d8ddaec973188 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Candidate: CVE-2004-0178
References:
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
http://www.debian.org/security/2004/dsa-479
http://www.debian.org/security/2004/dsa-480
http://www.debian.org/security/2004/dsa-481
http://www.debian.org/security/2004/dsa-482
http://www.debian.org/security/2004/dsa-489
http://www.debian.org/security/2004/dsa-491
http://www.debian.org/security/2004/dsa-495
http://security.gentoo.org/glsa/glsa-200407-02.xml
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:029
http://www.redhat.com/support/errata/RHSA-2004-413.html
http://www.redhat.com/support/errata/RHSA-2004-437.html
ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
http://linux.bkbits.net:8080/linux-2.4/cset@404ce5967rY2Ryu6Z_uNbYh643wuFA
http://www.ciac.org/ciac/bulletins/o-121.shtml
http://www.ciac.org/ciac/bulletins/o-127.shtml
http://www.ciac.org/ciac/bulletins/o-193.shtml
http://www.securityfocus.com/bid/9985
http://xforce.iss.net/xforce/xfdb/15868
Description:
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x
before 2.4.26, when operating in 16 bit mode, does not properly
handle certain sample sizes, which allows local users to cause a
denial of service (crash) via a sample with an odd number of bytes.
Notes:
jmm> I've verified that above patch is included in 2.6.8
Bugs:
upstream: released (2.4.26-pre3)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody2)
2.4.18-woody-security: released (2.4.18-14.3)
2.4.17-woody-security: released (2.4.17-1woody3)
2.4.16-woody-security: released (2.4.16-1woody2)
2.4.17-woody-security-hppa: released (32.4, 62.3)
2.4.17-woody-security-ia64: released (011226.17)
2.4.18-woody-security-hppa: released (62.3)
|