Info

Disclosure

Jun 30, 2005

Discovery

Unknown

Dates

Exploit

Jun 30, 2005

Solution

Unknown

Description

NetBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious attacker uses the set-parameters ioctl call on certain audio devices to change block size and set pause state to "unpaused" in the same ioctl, which will cause a divide-by-zero error resulting in loss of availability for the platform.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 2.0.3 or 2.0.2 after the correction date, as it has been reported to fix this vulnerability. In addition, NetBSD has released a patch for some older versions. It is also possible to correct the flaw by implementing the following workaround: disable access to the audio device for all users. Execute the following commands as root: chown root /dev/audio* /dev/audioctl* /dev/sound* chmod 000 /dev/audio* /dev/audioctl* /dev/sound*

Products

NetBSD Foundation, Inc.	NetBSD	1.6
		1.6.1
		1.6.2
		2.0
		2.0.1
		2.0.2

References

Bugtraq ID: 14122
Other Advisory URL: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc
ISS X-Force ID: 21526
Secunia Advisory ID: 15874
CVE ID: 2005-2134 (see also: NVD)
Vendor Specific Solution URL: http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/audio.c
Security Tracker: 1014348
Keyword: clcs emuxki CS4280/4281 SB Live PC 512

Credit

Ignatios Souvatzis -
Yamamoto Takashi -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

NetBSD Foundation, Inc.

NetBSD

References

Credit