CVE: CAN-2003-0700
Updated: Tue, 25 May 2004 12:46:56 +0900
Summary: The C-Media PCI sound driver in Linux before 2.4.22 does not use
         the get_user function to access userspace in certain conditions, 
	 which crosses security boundaries and may facilitate the exploitation 
	 of vulnerabilities, a different vulnerability than CAN-2003-0699
	 (text:CAN-2003-0700)
Priority: Low
Status: Closed
Source:  RHSA-2003:238-16
Link:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0700
       http://rhn.redhat.com/errata/RHSA-2003-238.html
       http://www.ultramonkey.org/news_archive.shtml#2003080600
       http://www.ultramonkey.org/news_archive.shtml#2003120800
Resolved In:
  Kernel: 2.4.22-pre3
  Patch: http://linux.bkbits.net:8080/linux-2.4/cset@1.1003.10.93?nav=index.html
  Red Hat Linux 7.3:
         Vendor:      kernel-2.4.20-19.7
         UltraMonkey: kernel-2.4.20-19.7.um.1
  Red Hat Linux 8.0:
         Vendor:      kernel-2.4.20-19.8
         UltraMonkey: kernel-2.4.20-19.8.um.1
  Red Hat Linux 9:
         Vendor:      kernel-2.4.20-19.9
         UltraMonkey: kernel-2.4.20-19.9.um.1 (initial release)
  Fedora Core 1:
         Vendor:      Not Vulnerable (>=2.4.22-pre3)
         UltraMonkey: Not Vulnerable (>=2.4.22-pre3)
  Red Hat Enterprise Linux 3:
         Vendor:      kernel-2.4.21-4.EL (initial release)
         UltraMonkey: kernel-2.4.21-9.EL.um.1 (initial release)
  Debian Woody:
         Vendor:      None
         UltraMonkey: kernel-source-2.4.22-4woody.um.1
  Debian Sid:
         Vendor:      kernel-source-2.4.21-4
         UltraMonkey: kernel-source-2.4.22-4.um.1