|
|
CVE Reference: CVE-2004-2607 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-2607 |
|
|
Description: A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA19369 Secunia Advisory: SA18977 MLIST http://www.uwsg.iu.edu/hypermail/linux/kernel/0404.2/0743.html http://www.uwsg.iu.edu/hypermail/linux/kernel/0404.2/0313.html MANDRIVA http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:072 DEBIAN http://www.debian.org/security/2006/dsa-1018 BID 16759 |
|
| Return to the previous page. |
