| Vigil@nce describes vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability note CVE-2010-0561
NetBSD: denial of service via azalia/hdaudio
Synthesis of the vulnerability
| A local attacker can query the azalia and hdaudio drivers, in order to stop the system. |
Severity: 1/4.
Consequences: denial of service of computer.
Provenance: user shell.
Means of attack: no proof of concept, no attack.
Ability of attacker: expert (4/4).
Confidence: confirmed by the editor (5/5).
Diffusion of the vulnerable configuration: medium (2/3).
Creation date: 03/02/2010.
|
Impacted products
Description of the vulnerability
The azalia/hdaudio driver of the NetBSD kernel implements the support of Intel High Definition audio devices.
The azalia_query_devinfo() function of azalia.c and the hdaudio_afg_query_devinfo() function of hdaudio.c implement the query_devinfo interface of the audio_hw_if structure:
x_query_devinfo(void *opaque, mixer_devinfo_t *mdev);
These functions are called when the user wants information on the device.
However, if the mdev->index field is negative, these functions try to read information on a mixer with an index outside the array. This forces a read at an invalid memory address.
A local attacker can therefore query the azalia and hdaudio drivers, in order to stop the system. |
Characteristics
Title: NetBSD: denial of service via azalia/hdaudio
Identifiers: BID-38057, CVE-2010-0561, NetBSD-SA2010-003, VIGILANCE-VUL-9404.
Url: https://vigilance.fr/tree/1/9404
|
Information sources
Solutions for this vulnerability
|
