CVE-2007-1734
Published: 28 March 2007
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.21)
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
upstream |
Needed
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
edgy |
Not vulnerable
|
upstream |
Needed
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
feisty |
Released
(2.6.20-16.28)
|
upstream |
Released
(2.6.20.5)
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
upstream |
Released
(2.6.20.5)
|