Your submission was sent successfully! Close

CVE-2008-2358

Published: 10 June 2008

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.

From the Ubuntu security team

Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.26~rc2)
Patches:
Vendor: http://www.debian.org/security/2008/dsa-1592
upstream: 19443178fbfbf40db15c86012fc37df1a44ab857
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.26~rc2)
Patches:
Vendor: http://www.debian.org/security/2008/dsa-1592
linux-source-2.6.20
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.26~rc2)
Patches:
Vendor: http://www.debian.org/security/2008/dsa-1592
linux-source-2.6.22
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.26~rc2)
Patches:
Vendor: http://www.debian.org/security/2008/dsa-1592