ID CVE-2007-1730
Summary Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*
CVSS
Base: 6.6 (as of 16-10-2018 - 16:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:N/A:C
refmap via4
bid 23162
bugtraq
  • 20070327 Linux Kernel DCCP Memory Disclosure Vulnerability
  • 20070329 Re: Re: [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability
mlist [dccp] 20070328 [PATCH 1/1] getsockopt: Fix DCCP_SOCKOPT_[SEND,RECV]_CSCOV
sectrack 1017820
secunia 25392
sreason 2482
ubuntu USN-464-1
vupen ADV-2007-1143
xf kernel-dccp-information-disclosure(33274)
statements via4
contributor Mark J Cox
lastmodified 2007-10-23
organization Red Hat
statement Not vulnerable. This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 16-10-2018 - 16:40
Published 28-03-2007 - 10:19
Back to Top