CVE-2007-1865
Published: 18 September 2007
** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer."
Notes
| Author | Note |
|---|---|
| kees | RHEL specific. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
edgy |
Not vulnerable
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
feisty |
Not vulnerable
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
gutsy |
Not vulnerable
|
| upstream |
Needs triage
|