Your submission was sent successfully! Close

CVE-2009-1265

Published: 08 April 2009

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.30~rc1)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.30~rc1)
linux-source-2.6.22
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.30~rc1)