CVE-2008-5033
Published: 10 November 2008
The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.
From the Ubuntu Security Team
It was discovered that the driver for simple i2c audio interfaces did not correctly validate certain function pointers. A local user could exploit this to gain root privileges or crash the system, leading to a denial of service.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.28~rc5)
|
| dapper |
Released
(2.6.15-53.74)
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.28~rc5)
|
| dapper |
Does not exist
|
|
| gutsy |
Released
(2.6.22-16.60)
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
|
linux Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.28~rc5)
|
| dapper |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| hardy |
Released
(2.6.24-22.45)
|
|
| intrepid |
Released
(2.6.27-9.19)
|
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=01a1a3cc1e3fbe718bd06a2a5d4d1a2d0fb4d7d9 |
||