CVE-2007-4997

Publication date 6 November 2007

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an “off-by-two error.”

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
linux-source-2.6.15 7.10 gutsy Not in release
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper
Fixed 2.6.15-51.66
linux-source-2.6.17 7.10 gutsy Not in release
7.04 feisty Not in release
6.10 edgy
Fixed 2.6.17.1-12.42
6.06 LTS dapper Not in release
linux-source-2.6.20 7.10 gutsy Not in release
7.04 feisty
Fixed 2.6.20-16.33
6.10 edgy Not in release
6.06 LTS dapper Not in release
linux-source-2.6.22 7.10 gutsy
Fixed 2.6.22-14.47
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-574-1
    • Linux kernel vulnerabilities
    • 4 February 2008
    • USN-578-1
    • Linux kernel vulnerabilities
    • 14 February 2008
    • USN-558-1
    • Linux kernel vulnerabilities
    • 19 December 2007

Other references