Vulnerability Description
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.0 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
- http://linux.bkbits.net:8080/linux-2.4/cset%40404ce5967rY2Ryu6Z_uNbYh643wuFA
- http://security.gentoo.org/glsa/glsa-200407-02.xml
- http://www.ciac.org/ciac/bulletins/o-121.shtml
- http://www.ciac.org/ciac/bulletins/o-127.shtml
- http://www.ciac.org/ciac/bulletins/o-193.shtml
- http://www.debian.org/security/2004/dsa-479
- http://www.debian.org/security/2004/dsa-480
- http://www.debian.org/security/2004/dsa-481
- http://www.debian.org/security/2004/dsa-482PatchVendor Advisory
- http://www.debian.org/security/2004/dsa-489PatchVendor Advisory
- http://www.debian.org/security/2004/dsa-491PatchVendor Advisory
- http://www.debian.org/security/2004/dsa-495PatchVendor Advisory
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:029
FAQ
What is CVE-2004-0178?
CVE-2004-0178 is a vulnerability with a CVSS score of 2.1 (LOW). The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial ...
How severe is CVE-2004-0178?
CVE-2004-0178 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0178?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.