Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > CVE-2006-1368
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
CVE Reference: CVE-2006-1368
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-1368

Description:
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-281-1

SAID
  Secunia Advisory: SA19955
  Secunia Advisory: SA20671
  Secunia Advisory: SA19330
  Secunia Advisory: SA20914
  Secunia Advisory: SA21045

MANDRIVA
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:123

DEBIAN
  http://www.debian.org/security/2006/dsa-1097
  http://www.debian.org/security/2006/dsa-1103

CONFIRM
  http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16
  http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8763716bfe4d8a16bef28c9947cf9d799b1796a5

BID
  17831


Return to the previous page.


Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008