Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 22 Feb 2010 11:51:05 +0800
From: Eugene Teo <eugeneteo@...nel.sg>
To: oss-security@...ts.openwall.com
CC: "Steven M. Christey" <coley@...us.mitre.org>
Subject: CVE request: kernel: ALSA: hda-intel: Avoid divide by zero crash

hda-intel crashes the kernel due to a divide by zero in azx_position_ok.

Using mp3blaster-3.2.5 (latest version) to play MP3 audio, the reporter 
was able to crash the kernel by stopping and restarting playback using 
the "5" key repeatedly. This happens as a normal user, not only as root. 
Kernel backtrace points to azx_position_ok() dividing by zero.

Upstream commit:
http://git.kernel.org/linus/fed08d036f2aabd8d0c684439de37f8ebec2bbc2

References:
http://lkml.org/lkml/2010/2/6/40
http://nctritech.net/bugreport.txt
http://lwn.net/Articles/375417/
https://bugzilla.redhat.com/show_bug.cgi?id=567168

Thanks, Eugene

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ