[Bug 164011] [linux-source] multiple DoS vulnerabilities
hk47
bugtracker at slideomania.com
Tue Nov 20 08:21:01 UTC 2007
Public bug reported:
Binary package hint: linux-source
References:
[1]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6058
[2]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4997
Quoting [1]:
"The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error."
Quoting [2]:
"Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error.""
** Affects: linux-meta (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2006-6058
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4997
--
[linux-source] multiple DoS vulnerabilities
https://bugs.launchpad.net/bugs/164011
You received this bug notification because you are a member of Kernel
Bugs, which is a bug contact for linux-meta in ubuntu.
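The integer underflow class described in the quote from [2], shown as an added example that is not part of the original report and is not the kernel's code. It is a simplified model: the function names and the 24-byte minimum check are assumptions made for illustration, and the 2-byte QoS Control field stands in for the "off-by-two".

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_3ADDR_LEN 24u     /* three-address 802.11 data header */
#define QOS_CTL_LEN   2u      /* QoS Control field carried by QoS data frames */
#define FC_TYPE_MASK  0x000cu
#define FC_TYPE_DATA  0x0008u
#define FC_STYPE_MASK 0x00f0u
#define FC_STYPE_QOS  0x0080u /* QoS data subtype bit */

/* Header length implied by frame control (model ignores 4-address frames). */
static size_t hdr_len(uint16_t fc)
{
    size_t len = HDR_3ADDR_LEN;
    if ((fc & FC_TYPE_MASK) == FC_TYPE_DATA && (fc & FC_STYPE_MASK) == FC_STYPE_QOS)
        len += QOS_CTL_LEN;
    return len;
}

/* Flawed pattern: validates against the base header only, then subtracts
 * the full header length. A 24- or 25-byte QoS frame wraps the result. */
size_t payload_len_unchecked(const uint8_t *frame, size_t len)
{
    if (len < HDR_3ADDR_LEN)
        return 0;
    uint16_t fc = (uint16_t)(frame[0] | (frame[1] << 8));
    return len - hdr_len(fc); /* unsigned underflow on a runt QoS frame */
}

/* Hardened pattern: compare against the computed header length first.
 * Returns 0 and sets *out on success, -1 for a runt frame. */
int payload_len_checked(const uint8_t *frame, size_t len, size_t *out)
{
    if (len < 2)
        return -1;            /* cannot even read frame control */
    uint16_t fc = (uint16_t)(frame[0] | (frame[1] << 8));
    size_t need = hdr_len(fc);
    if (len < need)
        return -1;
    *out = len - need;
    return 0;
}

int main(void)
{
    uint8_t runt[24] = { 0x88, 0x00 }; /* constructed: QoS data, 2 bytes short */
    size_t out = 0;
    printf("unchecked: %zu\n", payload_len_unchecked(runt, sizeof runt));
    printf("checked:   %d\n", payload_len_checked(runt, sizeof runt, &out));
    return 0;
}
```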