CVE-2004-0178 Information

Description

The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26 when operating in 16 bit mode does not properly handle certain sample sizes which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.

Reference

ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846 http://linux.bkbits.net:8080/linux-2.4/cset@404ce5967rY2Ryu6Z_uNbYh643wuFA http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.ciac.org/ciac/bulletins/o-121.shtml http://www.ciac.org/ciac/bulletins/o-127.shtml http://www.ciac.org/ciac/bulletins/o-193.shtml http://www.debian.org/security/2004/dsa-479 http://www.debian.org/security/2004/dsa-480 http://www.debian.org/security/2004/dsa-481 http://www.debian.org/security/2004/dsa-482 http://www.debian.org/security/2004/dsa-489 http://www.debian.org/security/2004/dsa-491 http://www.debian.org/security/2004/dsa-495 http://www.mandriva.com/security/advisories?name=MDKSA-2004:029 http://www.redhat.com/support/errata/RHSA-2004-413.html http://www.redhat.com/support/errata/RHSA-2004-437.html http://www.securityfocus.com/bid/9985 https://exchange.xforce.ibmcloud.com/vulnerabilities/15868 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9427