|
|
CVE Reference: CVE-2008-2358 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2358 |
|
|
Description: Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43034 UBUNTU http://www.ubuntu.com/usn/usn-625-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html ST 1020211 SAID Secunia Advisory: SA30920 Secunia Advisory: SA30849 Secunia Advisory: SA30818 Secunia Advisory: SA30000 Secunia Advisory: SA31107 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0519.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9644 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 http://www.mandriva.com/security/advisories?name=MDVSA-2008:112 FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1592 CONFIRM BID 29603 |
|
| Return to the previous page. |
