• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NetBSD CLCS / EMUXKI Audio Driver Local Denial of Service Vulnerability

NetBSD has reported a local denial of service condition due to a kernel-level bug in the clcs and emuxki audio drivers. NetBSD versions 1.6 to 2.0.2 are affected.

Local users with access to the audio device can cause a kernel failure on systems with specific hardware. The devices associated with the drivers are:

CS4280/4281, SB Live, or SB PC 512

This is a vulnerability on multi-user systems where local users have access to the audio device. In anticipation of systems where users do not, multimedia applications may be installed with setuid permissions. These may provide channels of attack if they themselves have vulnerabilities of their own.