Описание
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.1.0-1.0 |
| hardy | released | 2.6.24-29.93 |
| lucid | released | 2.6.32-32.62 |
| maverick | released | 2.6.35-30.52 |
| natty | released | 2.6.38-9.43 |
| oneiric | not-affected | 2.6.39-0.1 |
| precise | not-affected | 3.1.0-1.1 |
| quantal | not-affected | 3.1.0-1.0 |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2.0-1602.5 |
| hardy | DNE | |
| lucid | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | not-affected | 3.2.0-1600.1 |
| quantal | not-affected | 3.2.0-1602.5 |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 2.6.32-316.30 |
| maverick | ignored | end of life |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 2.6.31-610.27 |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 2.6.35-30.54~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | not-affected | 2.6.38-9.43~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | not-affected | 3.0.0-5.6~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | released | 2.6.32-217.34 |
| maverick | released | 2.6.32-417.34 |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | released | 2.6.39~rc1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.0.0-1401.2 |
| hardy | DNE | |
| lucid | DNE | |
| maverick | released | 2.6.35-903.23 |
| natty | released | 2.6.38-1209.13 |
| oneiric | not-affected | 2.6.38-1309.13 |
| precise | not-affected | 3.0.0-1401.2 |
| quantal | not-affected | 3.0.0-1401.2 |
| upstream | released | 2.6.39~rc1 |
Показывать по
Ссылки на источники
EPSS
7.8 High
CVSS2
Связанные уязвимости
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux ker ...
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
EPSS
7.8 High
CVSS2