Описание
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
| Релиз | Статус | Примечание |
|---|---|---|
| upstream | released | 2.6.21 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| edgy | not-affected | |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| feisty | released | 2.6.20-16.28 |
| upstream | released | 2.6.20.5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.6.22-12.39 |
| upstream | released | 2.6.20.5 |
Показывать по
Ссылки на источники
EPSS
7.2 High
CVSS2
Связанные уязвимости
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto. ...
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
EPSS
7.2 High
CVSS2