Your submission was sent successfully! Close

CVE-2008-2358

Published: 10 June 2008

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.

From the Ubuntu security team

Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy
Released (2.6.24-19.36)
upstream
Released (2.6.26~rc2)
Patches:
vendor: http://www.debian.org/security/2008/dsa-1592



linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper Not vulnerable
(code does not exist)
feisty Does not exist

gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.26~rc2)
Patches:

vendor: http://www.debian.org/security/2008/dsa-1592


linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty
Released (2.6.20-17.37)
gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.26~rc2)
Patches:


vendor: http://www.debian.org/security/2008/dsa-1592

linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy
Released (2.6.22-15.56)
hardy Does not exist

upstream
Released (2.6.26~rc2)
Patches:



vendor: http://www.debian.org/security/2008/dsa-1592