CVE-2008-0008: Input Validation
First published: Fri Dec 14 2007(Updated: )
The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/0.9.8 | <5. | 5. |
| All of | ||
| Any of | ||
| =2007.1 | ||
| =2007.1 | ||
| =2008.0 | ||
| =2008.0 | ||
| =7 | ||
| =8 | ||
| Any of | ||
| =0.9.6 | ||
| =0.9.8 | ||
| Mandrakesoft Mandrake Linux | =2007.1 | |
| Mandrakesoft Mandrake Linux | =2007.1 | |
| Mandrakesoft Mandrake Linux | =2008.0 | |
| Mandrakesoft Mandrake Linux | =2008.0 | |
| Redhat Fedora | =7 | |
| Redhat Fedora | =8 | |
| Pulseaudio Pulseaudio | =0.9.6 | |
| Pulseaudio Pulseaudio | =0.9.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html
- http://pulseaudio.org/changeset/2100
- https://bugzilla.novell.com/show_bug.cgi?id=347822
- https://bugzilla.redhat.com/show_bug.cgi?id=425481
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html
- http://www.securityfocus.com/bid/27449
- http://secunia.com/advisories/28623
- http://www.debian.org/security/2008/dsa-1476
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:027
- http://secunia.com/advisories/28608
- http://www.ubuntu.com/usn/usn-573-1
- http://secunia.com/advisories/28738
- http://security.gentoo.org/glsa/glsa-200802-07.xml
- http://bugs.gentoo.org/show_bug.cgi?id=207214
- http://secunia.com/advisories/28952
- http://www.vupen.com/english/advisories/2008/0283
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39992
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=290146&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=290146&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=292647&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=292647&action=edit
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/author
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2008-0008
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mandrakesoft
- canonical/mandrakesoft mandrake linux
- version/mandrakesoft mandrake linux/2007.1
- version/mandrakesoft mandrake linux/2008.0
- vendor/redhat
- canonical/redhat fedora
- version/redhat fedora/7
- version/redhat fedora/8
- vendor/pulseaudio
- canonical/pulseaudio pulseaudio
- version/pulseaudio pulseaudio/0.9.6
- version/pulseaudio pulseaudio/0.9.8
- package-manager/redhat