|
|
CVE Reference: CVE-2008-3276 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-3276 |
|
|
Description: Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/usn-659-1 ST 1020705 SAID Secunia Advisory: SA31509 Secunia Advisory: SA31881 Secunia Advisory: SA32190 Secunia Advisory: SA31836 Secunia Advisory: SA32393 Secunia Advisory: SA32485 Secunia Advisory: SA32237 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0857.html http://www.redhat.com/support/errata/RHSA-2008-0957.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11506 MLIST http://www.openwall.com/lists/oss-security/2008/08/15/3 DEBIAN http://www.debian.org/security/2008/dsa-1636 http://www.debian.org/security/2008/dsa-1653 CONFIRM http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=3e8a0a559c66ee9e7468195691a56fefc3589740 BID 30704 |
|
| Return to the previous page. |
