Bug 677881 (CVE-2011-0712) - CVE-2011-0712 kernel: ALSA: caiaq - Fix possible string-buffer overflow
Summary: CVE-2011-0712 kernel: ALSA: caiaq - Fix possible string-buffer overflow
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-0712
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 678475 678476
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-02-16 08:01 UTC by Eugene Teo (Security Response)
Modified: 2019-09-29 12:42 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-07-29 13:51:07 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0498 normal SHIPPED_LIVE Important: kernel security, bug fix, and enhancement update 2011-05-10 18:10:04 UTC

Description Eugene Teo (Security Response) 2011-02-16 08:01:56 UTC
Description of problem:
Use strlcpy() to assure not to overflow the string array sizes by too long USB device name string (unlikely). This only affects Native Instruments USB audio devices.

Proposed patch:
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=eaae55dac6b64c0616046436b294e69fc5311581

Acknowledgements:

Red Hat would like to thank Rafael Dominguez Vega for reporting this issue.

Comment 4 errata-xmlrpc 2011-05-10 18:10:14 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:0498 https://rhn.redhat.com/errata/RHSA-2011-0498.html

Comment 5 Eugene Teo (Security Response) 2011-07-19 05:27:35 UTC
Statement:

This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the driver for Native Instruments USB audio devices. It did not affect the Linux kernel as shipped with Red Hat Enterprise MRG as it did not enable support for this driver. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-0498.html.


Note You need to log in before you can comment on or make changes to this bug.