Upstream information
Description
Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.SUSE information
| National Vulnerability Database | |
|---|---|
| Base Score | 4.68 |
| Vector | AV:L/AC:M/Au:N/C:C/I:N/A:N |
| Access Vector | Local |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | None |
| Availability Impact | None |
- SUSE-SU-2014:0908-1, published Thu, 17 Jul 2014 04:04:21 +0200 (CEST)
- SUSE-SU-2014:0909-1, published Thu, 17 Jul 2014 04:35:29 +0200 (CEST)
- SUSE-SU-2014:0910-1, published Thu, 17 Jul 2014 05:04:18 +0200 (CEST)
- SUSE-SU-2014:0911-1, published Thu, 17 Jul 2014 05:47:46 +0200 (CEST)
- SUSE-SU-2014:0912-1, published Thu, 17 Jul 2014 06:33:34 +0200 (CEST)
- SUSE-SU-2014:1105-1, published Tue Sep 9 17:06:56 MDT 2014
- SUSE-SU-2014:1138-1, published Tue, 16 Sep 2014 19:04:20 +0200 (CEST)
- SUSE-SU-2015:0812-1, published Thu, 30 Apr 2015 21:04:52 +0200 (CEST)
- openSUSE-SU-2014:0957-1, published Fri, 1 Aug 2014 15:04:21 +0200 (CEST)
- openSUSE-SU-2014:0985-1, published Mon, 11 Aug 2014 12:04:19 +0200 (CEST)
- openSUSE-SU-2014:1246-1, published Sun, 28 Sep 2014 18:05:01 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise Desktop 11 SP3 |
| Patchnames: sledsp3-kernel |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
| Patchnames: slehasp3-kernel |
| SUSE Linux Enterprise Real Time Extension 11 SP3 |
| Patchnames: slertesp3-kernel |
| SUSE Linux Enterprise Server 11 SP1-LTSS |
| Patchnames: slessp1-kernel |
| SUSE Linux Enterprise Server 11 SP2-LTSS |
| Patchnames: slessp2-kernel |
| SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: slessp3-kernel |
| SUSE Linux Enterprise Server for VMWare 11 SP3 |
| Patchnames: slessp3-kernel |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9488 |
| SUSE Linux Enterprise Desktop 11 SP3 |
|
Builds SAT Patch Nr: 9488 |
| SUSE Linux Enterprise Server 11 SP3 for VMware |
|
Builds SAT Patch Nr: 9488 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9488 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9499 |
| SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T |
|
Builds ZYPP Patch Nr: 9093 |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9491 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9491 |
| SUSE Linux Enterprise Server 11 SP2 LTSS |
|
Builds SAT Patch Nr: 9632 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9495 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9494 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9701 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9496 |
| SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit |
|
Builds ZYPP Patch Nr: 9095 |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9492 |
| SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware |
|
Builds SAT Patch Nr: 9492 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9492 |
| SUSE Linux Enterprise Server 11 SP1 LTSS |
|
Builds SAT Patch Nr: 9667 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9700 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9699 |
| SUSE Linux Enterprise Server 11 SP2 LTSS |
|
Builds SAT Patch Nr: 9630 |
| SUSE Linux Enterprise Server 11 SP2 LTSS |
|
Builds SAT Patch Nr: 9631 |
| SUSE Linux Enterprise Server 10 SP4 LTSS for x86 |
|
Builds ZYPP Patch Nr: 9094 |
| SUSE Linux Enterprise Server 11 SP1 LTSS |
|
Builds SAT Patch Nr: 9658 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9498 |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9493 |
| SUSE Linux Enterprise Desktop 11 SP3 |
|
Builds SAT Patch Nr: 9493 |
| SUSE Linux Enterprise Server 11 SP3 for VMware |
|
Builds SAT Patch Nr: 9493 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9493 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9696 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9697 |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9489 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9489 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9698 |
| SUSE Linux Enterprise Real Time Extension 11 SP3 |
|
Builds SAT Patch Nr: 9504 |
| SUSE Linux Enterprise Server 11 SP1 LTSS |
|
Builds SAT Patch Nr: 9660 |
| SUSE Linux Enterprise High Availability Extension 11 SP3 |
|
Builds SAT Patch Nr: 9490 |
| SUSE Linux Enterprise Server 11 SP3 |
|
Builds SAT Patch Nr: 9490 |
| SLE 11 SERVER Unsupported Extras |
|
Builds SAT Patch Nr: 9497 |
| openSUSE 12.3 |
| Patchnames: openSUSE-2014-478 |
| openSUSE 13.1 |
| Patchnames: openSUSE-2014-493 |
| openSUSE Evergreen 11.4 |
| Patchnames: 2014-89 |