Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 15 Aug 2008 21:47:23 +0800
From: Eugene Teo <eteo@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow

An integer overflow flaw was found in the Linux kernel
dccp_setsockopt_change() function. The vulnerability exists due to a
lack of sanitisation performed on a user-controlled integer value before
the value is employed as the size argument of a memory allocation
operation. An attacker may leverage this vulnerability to trigger a
kernel panic on a victim's machine remotely.

This affects kernel versions since 2.6.17-rc1. The proposed upstream
commit is: 3e8a0a559c66ee9e7468195691a56fefc3589740

I have allocated this CVE-2008-3276.

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.