Bug 677881 (CVE-2011-0712)

Summary: CVE-2011-0712 kernel: ALSA: caiaq - Fix possible string-buffer overflow
Product: [Other] Security Response Reporter: Eugene Teo (Security Response) <eteo>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: eteo, jrusnack, lwang, peterm, redhat2, vkrizan
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-29 13:51:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 678475, 678476    
Bug Blocks:    

Description Eugene Teo (Security Response) 2011-02-16 08:01:56 UTC
Description of problem:
Use strlcpy() to assure not to overflow the string array sizes by too long USB device name string (unlikely). This only affects Native Instruments USB audio devices.

Proposed patch:
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=eaae55dac6b64c0616046436b294e69fc5311581

Acknowledgements:

Red Hat would like to thank Rafael Dominguez Vega for reporting this issue.

Comment 4 errata-xmlrpc 2011-05-10 18:10:14 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:0498 https://rhn.redhat.com/errata/RHSA-2011-0498.html

Comment 5 Eugene Teo (Security Response) 2011-07-19 05:27:35 UTC
Statement:

This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the driver for Native Instruments USB audio devices. It did not affect the Linux kernel as shipped with Red Hat Enterprise MRG as it did not enable support for this driver. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-0498.html.