Your submission was sent successfully! Close

CVE-2009-2846

Published: 18 August 2009

The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read in the readb function.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (2.6.24-25.63)
intrepid
Released (2.6.27-15.43)
jaunty
Released (2.6.28-16.55)
upstream Needs triage

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-55.80)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

upstream Needs triage