Description of the problem: The user-supplied index into the adapters array needs to be checked, or an out-of-bounds kernel pointer could be accessed and used, leading to potentially exploitable memory corruption. Reference: http://seclists.org/oss-sec/2011/q1/540 Upstream commit: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commit;h=4a122c10fbfe9020df469f0f669da129c5757671 Acknowledgements: Red Hat would like to thank Dan Rosenberg for reporting this issue.
Statement: The Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6 and Red Hat Enterprise MRG are not affected as they did not backport upstream commit 719f82d3 that introduced this issue.