CVE request: kernel: AudioScience HPI driver

[Dan Rosenberg <dan.j.rosenberg () gmail com>]

"The user-supplied index into the adapters array needs to be checked, or
an out-of-bounds kernel pointer could be accessed and used, leading to
potentially exploitable memory corruption."

This may be triggered by a user with access to an appropriate device
file, which I'd expect would be restricted to group 'audio'.  And
you'd need to have this particular driver loaded, either by using the
appropriate hardware or finding a new way to force it to be loaded in
violation of security policy.

Regards,
Dan

[1] http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commit;h=4a122c10fbfe9020df469f0f669da129c5757671