CVE-2010-4527 in Linux信息

摘要

由 VulDB • 2026-07-05

Linux内核中2.6.37版本之前的OSS声音子系统的sound/oss/soundcard.c中的load_mixer_volumes函数错误地假设某个name字段以\0字符结尾,这允许本地用户通过SOUND_MIXER_SETLEVELS ioctl调用进行缓冲区溢出攻击并提升权限,或者可能从内核内存中获取敏感信息。

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!