PT-2004-3660 · Linux+3 · Linux Kernel+3
Publicado
1970-01-01
·
Atualizado
2017-09-29
·
CVE-2007-6151
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Debian GNU/Linux versions prior to 2.6.23
Red Hat Enterprise Linux versions prior to 2.4.9
SUSE Linux Enterprise versions prior to 2.4.9
linux-image-2.6-686 versions prior to 2.6.23
linux-image-2.6-amd64 versions prior to 2.6.23
linux-image-2.6-xen-686 versions prior to 2.6.23
linux-image-2.6-vserver-686 versions prior to 2.6.23
linux-image-2.6-itanium versions prior to 2.6.23
linux-image-2.6-mckinley versions prior to 2.6.23
linux-image-2.6-em64t-p4-smp versions prior to 2.6.23
linux-image-2.6-parisc64 versions prior to 2.6.23
linux-image-2.6-s390x versions prior to 2.6.23
linux-image-2.6-sparc64 versions prior to 2.6.23
linux-image-2.6-powerpc versions prior to 2.6.23
linux-image-2.6-powerpc64 versions prior to 2.6.23
linux-image-2.6-alpha versions prior to 2.6.23
linux-image-2.6-alpha-smp versions prior to 2.6.23
linux-image-2.6-parisc versions prior to 2.6.23
linux-image-2.6-parisc-smp versions prior to 2.6.23
linux-image-2.6-parisc64-smp versions prior to 2.6.23
linux-image-2.6-s390 versions prior to 2.6.23
linux-image-2.6-s390-tape versions prior to 2.6.23
linux-image-2.6-sparc32 versions prior to 2.6.23
linux-image-2.6-sparc64-smp versions prior to 2.6.23
linux-image-2.6-r3k-kn02 versions prior to 2.6.23
linux-image-2.6-r4k-kn04 versions prior to 2.6.23
linux-image-2.6-r5k-cobalt versions prior to 2.6.23
linux-image-2.6-r5k-ip32 versions prior to 2.6.23
linux-image-2.6-sb1a-bcm91250a versions prior to 2.6.23
linux-image-2.6-sb1-bcm91250a versions prior to 2.6.23
linux-image-2.6-ixp4xx versions prior to 2.6.23
linux-image-2.6-iop32x versions prior to 2.6.23
linux-image-2.6-footbridge versions prior to 2.6.23
linux-image-2.6-mckinley-smp versions prior to 2.6.23
linux-image-2.6-itanium-smp versions prior to 2.6.23
linux-image-2.6-k7 versions prior to 2.6.23
linux-image-2.6-k7-smp versions prior to 2.6.23
linux-image-2.6-amd64-k8 versions prior to 2.6.23
linux-image-2.6-amd64-k8-smp versions prior to 2.6.23
linux-image-2.6-em64t-p4 versions prior to 2.6.23
linux-image-2.6-em64t-p4-smp versions prior to 2.6.23
linux-image-2.6-686-bigmem versions prior to 2.6.23
linux-image-2.6-686-smp versions prior to 2.6.23
linux-image-2.6-xen-amd64 versions prior to 2.6.23
linux-image-2.6-xen-vserver-amd64 versions prior to 2.6.23
linux-image-2.6-vserver-amd64 versions prior to 2.6.23
linux-image-2.6-vserver-amd64-k8 versions prior to 2.6.23
linux-image-2.6-vserver-amd64-k8-smp versions prior to 2.6.23
linux-image-2.6-vserver-686 versions prior to 2.6.23
linux-image-2.6-vserver-686-bigmem versions prior to 2.6.23
linux-image-2.6-vserver-k7 versions prior to 2.6.23
linux-image-2.6-vserver-powerpc versions prior to 2.6.23
linux-image-2.6-vserver-powerpc64 versions prior to 2.6.23
linux-image-2.6-vserver-s390x versions prior to 2.6.23
linux-image-2.6-vserver-sparc64 versions prior to 2.6.23
linux-image-2.6-alpha-legacy versions prior to 2.6.23
linux-image-2.6-alpha-smp versions prior to 2.6.23
linux-image-2.6-parisc versions prior to 2.6.23
linux-image-2.6-parisc-smp versions prior to 2.6.23
linux-image-2.6-parisc64 versions prior to 2.6.23
linux-image-2.6-parisc64-smp versions prior to 2.6.23
linux-image-2.6-powerpc versions prior to 2.6.23
linux-image-2.6-powerpc-miboot versions prior to 2.6.23
linux-image-2.6-powerpc-smp versions prior to 2.6.23
linux-image-2.6-powerpc64 versions prior to 2.6.23
linux-image-2.6-s390 versions prior to 2.6.23
linux-image-2.6-s390-tape versions prior to 2.6.23
linux-image-2.6-s390x versions prior to 2.6.23
linux-image-2.6-sparc32 versions prior to 2.6.23
linux-image-2.6-sparc64 versions prior to 2.6.23
linux-image-2.6-sparc64-smp versions prior to 2.6.23
Description
The vulnerability is caused by a buffer overflow in the
isdn ioctl function in isdn common.c of the Linux kernel. This can be exploited by a local attacker to cause a denial of service or potentially execute arbitrary code. The vulnerability can be exploited by sending a crafted ioctl struct to the isdn ioctl function, which can cause a buffer overflow and potentially allow an attacker to execute arbitrary code.The estimated number of potentially affected devices worldwide is not available.
There have been reports of real-world incidents where this issue was exploited, but the details are not publicly available.
Technical details about exploitation include:
- API Endpoints: The vulnerability can be exploited through the
isdn ioctlfunction. - Vulnerable Parameters or Variables: The
ioctsparameter in theisdn ioctlfunction is vulnerable to a buffer overflow. - Function Names: The
isdn ioctlfunction is vulnerable to a buffer overflow.
Recommendations
- For Debian GNU/Linux versions prior to 2.6.23, update to a newer version of the Linux kernel.
- For Red Hat Enterprise Linux versions prior to 2.4.9, update to a newer version of the Linux kernel.
- For SUSE Linux Enterprise versions prior to 2.4.9, update to a newer version of the Linux kernel.
- For all other affected versions, update to a newer version of the Linux kernel or apply the necessary patches to fix the vulnerability.
- As a temporary workaround, consider disabling the
isdn ioctlfunction until a patch is available. - Restrict access to the vulnerable
isdn ioctlfunction to minimize the risk of exploitation. - Avoid using the
ioctsparameter in the affected API endpoint until the issue is resolved.
Exploit
Correção
DoS
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Debian
Linux Kernel
Red Hat
Suse Linux Enterprise