Your submission was sent successfully! Close

CVE-2008-5396

Published: 09 December 2008

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-ec2
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.22
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream Needs triage

zaptel
Launchpad, Ubuntu, Debian
Upstream
Released (1:1.4.11~dfsg-3)