PT-2004-2256 · Linux · Linux Kernel

Georgi Guninski

Publicado

2004-12-15

Atualizado

2024-02-14

CVE-2004-1334

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.10

Description: The issue is related to an integer overflow in the ip options get function, which can be exploited by local users to cause a denial of service, resulting in a kernel crash. This is achieved by setting cmsg len to -1, leading to a buffer overflow.

Recommendations: For Linux kernel versions prior to 2.6.10, update to version 2.6.10 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-1334

Produtos afetados

Linux Kernel

PT-2004-2256 · Linux · Linux Kernel

CVE-2004-1334

Identificadores relacionados

Produtos afetados

Referências · 6