Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel DCCP information leak
Published:27.03.2007
Source:
SecurityVulns ID:7478
Type:local
Threat Level:
6/10
Description:Integer overflow in getsockopt for SOL_DCCP gives ability to read content of kernel memory.
Affected:LINUX : kernel 2.6
CVE:CVE-2007-1734 (The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.)
 CVE-2007-1730 (Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.)
Original documentdocumentRobert Święcki, [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability (27.03.2007)
Files:Exploits Linux Kernel DCCP Memory Disclosure Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod