Severity : Medium Published : 2008-08-08 Modified : 2012-03-19 Base Score : 6.6 Details : The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information. Product/Version : CGE 5.x   Mobilinux 5.x   Pro 4.x   CGE 4.x   Mobilinux 4.x   Professional PRO 5.0   Professional PRO 5.0.24   Professional PRO 5.0   Mobilinux 5.0.24   MVL 5 Atom

CVE-2008-7256 CVE-2008-7068 CVE-2008-5713 CVE-2008-5300 CVE-2008-5286 CVE-2008-5161 CVE-2008-5079 CVE-2008-5029 CVE-2008-4989 CVE-2008-4864 CVE-2008-4685 CVE-2008-4554 CVE-2008-4316 CVE-2008-4309 CVE-2008-4307 CVE-2008-4210 CVE-2008-4109 CVE-2008-4101 CVE-2008-3934 CVE-2008-3933 CVE-2008-3932 CVE-2008-3915 CVE-2008-3527 CVE-2008-3526 CVE-2008-3522 CVE-2008-3521 CVE-2008-3520 CVE-2008-3294 CVE-2008-3276 CVE-2008-3275 CVE-2008-3272 CVE-2008-3146 CVE-2008-3142 CVE-2008-3141 CVE-2008-3140 CVE-2008-3139 CVE-2008-3138 CVE-2008-3137 CVE-2008-2952 CVE-2008-2812 CVE-2008-2729 CVE-2008-2364 CVE-2008-2292 CVE-2008-2108 CVE-2008-2107 CVE-2008-2051 CVE-2008-1927 CVE-2008-1808 CVE-2008-1807 CVE-2008-1806 CVE-2008-1722 CVE-2008-1678 CVE-2008-1673 CVE-2008-1657 CVE-2008-1483 CVE-2008-1372 CVE-2008-1367 CVE-2008-0598 CVE-2008-0596 CVE-2008-0122 CVE-2008-0007 CVE-2008-0005