CVE-2004-0658
CVSS7.2
发布时间 :2004-08-06 00:00:00
修订时间 :2016-10-17 22:47:17
NMCOS    

[原文]Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.


[CNNVD]Linux Kernel IEEE 1394驱动整数溢出漏洞(CNNVD-200408-116)

        
        Linux是一款开放源代码操作系统。
        Linux Kernel包含的IEEE 1394驱动存在整数溢出问题,本地攻击者可以利用这个漏洞进行本地拒绝服务攻击或提升权限。
        IEEE 1394包含的alloc_hpsb_packet()函数接收无符号整数参数,并用于分配内核内存,结果可导致几G的内存数据拷贝到小的缓冲区中,这可能导致系统崩溃。在部分情况下也可能用于提升权限。
        

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.5.9Linux Kernel 2.5.9
cpe:/o:linux:linux_kernel:2.5.45Linux Kernel 2.5.45
cpe:/o:linux:linux_kernel:2.6.0:test4Linux Kernel 2.6 test4
cpe:/o:linux:linux_kernel:2.5.46Linux Kernel 2.5.46
cpe:/o:linux:linux_kernel:2.6.0:test5Linux Kernel 2.6 test5
cpe:/o:linux:linux_kernel:2.6.0:test2Linux Kernel 2.6 test2
cpe:/o:linux:linux_kernel:2.5.40Linux Kernel 2.5.40
cpe:/o:linux:linux_kernel:2.6.0:test3Linux Kernel 2.6 test3
cpe:/o:linux:linux_kernel:2.5.41Linux Kernel 2.5.41
cpe:/o:linux:linux_kernel:2.6.0:test8Linux Kernel 2.6 test8
cpe:/o:linux:linux_kernel:2.5.42Linux Kernel 2.5.42
cpe:/o:linux:linux_kernel:2.6.0:test9Linux Kernel 2.6 test9
cpe:/o:linux:linux_kernel:2.6.0:test6Linux Kernel 2.6 test6
cpe:/o:linux:linux_kernel:2.6.0:test7Linux Kernel 2.6 test7
cpe:/o:linux:linux_kernel:2.4.1Linux Kernel 2.4.1
cpe:/o:linux:linux_kernel:2.4.0Linux Kernel 2.4.0
cpe:/o:linux:linux_kernel:2.5.47Linux Kernel 2.5.47
cpe:/o:linux:linux_kernel:2.5.48Linux Kernel 2.5.48
cpe:/o:linux:linux_kernel:2.4.5Linux Kernel 2.4.5
cpe:/o:linux:linux_kernel:2.5.49Linux Kernel 2.5.49
cpe:/o:linux:linux_kernel:2.4.4Linux Kernel 2.4.4
cpe:/o:linux:linux_kernel:2.5.43Linux Kernel 2.5.43
cpe:/o:linux:linux_kernel:2.5.44Linux Kernel 2.5.44
cpe:/o:linux:linux_kernel:2.4.18::x86
cpe:/o:linux:linux_kernel:2.4.3Linux Kernel 2.4.3
cpe:/o:linux:linux_kernel:2.4.2Linux Kernel 2.4.2
cpe:/o:linux:linux_kernel:2.6.0:test11Linux Kernel 2.6 test11
cpe:/o:linux:linux_kernel:2.6.0:test1Linux Kernel 2.6 test1
cpe:/o:linux:linux_kernel:2.6.0:test10Linux Kernel 2.6 test10
cpe:/o:linux:linux_kernel:2.5.56Linux Kernel 2.5.56
cpe:/o:linux:linux_kernel:2.5.57Linux Kernel 2.5.57
cpe:/o:linux:linux_kernel:2.5.50Linux Kernel 2.5.50
cpe:/o:linux:linux_kernel:2.5.51Linux Kernel 2.5.51
cpe:/o:linux:linux_kernel:2.5.52Linux Kernel 2.5.52
cpe:/o:linux:linux_kernel:2.5.53Linux Kernel 2.5.53
cpe:/o:linux:linux_kernel:2.5.58Linux Kernel 2.5.58
cpe:/o:linux:linux_kernel:2.5.59Linux Kernel 2.5.59
cpe:/o:linux:linux_kernel:2.5.54Linux Kernel 2.5.54
cpe:/o:linux:linux_kernel:2.5.55Linux Kernel 2.5.55
cpe:/o:linux:linux_kernel:2.5.8Linux Kernel 2.5.8
cpe:/o:linux:linux_kernel:2.5.7Linux Kernel 2.5.7
cpe:/o:linux:linux_kernel:2.5.6Linux Kernel 2.5.6
cpe:/o:linux:linux_kernel:2.5.5Linux Kernel 2.5.5
cpe:/o:linux:linux_kernel:2.6.1:rc2Linux Kernel 2.6.1 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.1:rc1Linux Kernel 2.6.1 Release Candidate 1
cpe:/o:linux:linux_kernel:2.5.23Linux Kernel 2.5.23
cpe:/o:linux:linux_kernel:2.5.24Linux Kernel 2.5.24
cpe:/o:linux:linux_kernel:2.5.20Linux Kernel 2.5.20
cpe:/o:linux:linux_kernel:2.5.0Linux Kernel 2.5.0
cpe:/o:linux:linux_kernel:2.5.25Linux Kernel 2.5.25
cpe:/o:linux:linux_kernel:2.5.26Linux Kernel 2.5.26
cpe:/o:linux:linux_kernel:2.5.27Linux Kernel 2.5.27
cpe:/o:linux:linux_kernel:2.5.4Linux Kernel 2.5.4
cpe:/o:linux:linux_kernel:2.5.28Linux Kernel 2.5.28
cpe:/o:linux:linux_kernel:2.5.3Linux Kernel 2.5.3
cpe:/o:linux:linux_kernel:2.5.21Linux Kernel 2.5.21
cpe:/o:linux:linux_kernel:2.5.22Linux Kernel 2.5.22
cpe:/o:linux:linux_kernel:2.5.2Linux Kernel 2.5.2
cpe:/o:linux:linux_kernel:2.5.1Linux Kernel 2.5.1
cpe:/o:linux:linux_kernel:2.5.29Linux Kernel 2.5.29
cpe:/o:linux:linux_kernel:2.6.6:rc1Linux Kernel 2.6.6 Release Candidate 1
cpe:/o:linux:linux_kernel:2.5.34Linux Kernel 2.5.34
cpe:/o:linux:linux_kernel:2.5.35Linux Kernel 2.5.35
cpe:/o:linux:linux_kernel:2.6.7:rc1Linux Kernel 2.6.7 Release Candidate 1
cpe:/o:linux:linux_kernel:2.5.30Linux Kernel 2.5.30
cpe:/o:linux:linux_kernel:2.5.31Linux Kernel 2.5.31
cpe:/o:linux:linux_kernel:2.4.0:test2Linux Kernel 2.4.0 test2
cpe:/o:linux:linux_kernel:2.4.0:test3Linux Kernel 2.4.0 test3
cpe:/o:linux:linux_kernel:2.4.0:test8Linux Kernel 2.4.0 test8
cpe:/o:linux:linux_kernel:2.4.23_ow2
cpe:/o:linux:linux_kernel:2.5.36Linux Kernel 2.5.36
cpe:/o:linux:linux_kernel:2.4.0:test9Linux Kernel 2.4.0 test9
cpe:/o:linux:linux_kernel:2.5.37Linux Kernel 2.5.37
cpe:/o:linux:linux_kernel:2.4.0:test6Linux Kernel 2.4.0 test6
cpe:/o:linux:linux_kernel:2.5.38Linux Kernel 2.5.38
cpe:/o:linux:linux_kernel:2.4.0:test7Linux Kernel 2.4.0 test7
cpe:/o:linux:linux_kernel:2.5.39Linux Kernel 2.5.39
cpe:/o:linux:linux_kernel:2.5.32Linux Kernel 2.5.32
cpe:/o:linux:linux_kernel:2.5.33Linux Kernel 2.5.33
cpe:/o:linux:linux_kernel:2.6.7Linux Kernel 2.6.7
cpe:/o:linux:linux_kernel:2.6.6Linux Kernel 2.6.6
cpe:/o:linux:linux_kernel:2.6.5Linux Kernel 2.6.5
cpe:/o:linux:linux_kernel:2.6.4Linux Kernel 2.6.4
cpe:/o:linux:linux_kernel:2.4.0:test4Linux Kernel 2.4.0 test4
cpe:/o:linux:linux_kernel:2.4.0:test5Linux Kernel 2.4.0 test5
cpe:/o:linux:linux_kernel:2.6.3Linux Kernel 2.6.3
cpe:/o:linux:linux_kernel:2.6.2Linux Kernel 2.6.2
cpe:/o:linux:linux_kernel:2.4.21:pre4Linux Kernel 2.4.21 pre4
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.4.21:pre7Linux Kernel 2.4.21 pre7
cpe:/o:linux:linux_kernel:2.4.23:pre9Linux Kernel 2.4.23 pre9
cpe:/o:linux:linux_kernel:2.4.0:test12Linux Kernel 2.4.0 test12
cpe:/o:linux:linux_kernel:2.4.0:test11Linux Kernel 2.4.0 test11
cpe:/o:linux:linux_kernel:2.5.12Linux Kernel 2.5.12
cpe:/o:linux:linux_kernel:2.5.13Linux Kernel 2.5.13
cpe:/o:linux:linux_kernel:2.4.0:test1Linux Kernel 2.4.0 test1
cpe:/o:linux:linux_kernel:2.5.14Linux Kernel 2.5.14
cpe:/o:linux:linux_kernel:2.5.15Linux Kernel 2.5.15
cpe:/o:linux:linux_kernel:2.5.16Linux Kernel 2.5.16
cpe:/o:linux:linux_kernel:2.5.17Linux Kernel 2.5.17
cpe:/o:linux:linux_kernel:2.5.10Linux Kernel 2.5.10
cpe:/o:linux:linux_kernel:2.5.11Linux Kernel 2.5.11
cpe:/o:linux:linux_kernel:2.4.0:test10Linux Kernel 2.4.0 test10
cpe:/o:linux:linux_kernel:2.5.18Linux Kernel 2.5.18
cpe:/o:linux:linux_kernel:2.5.19Linux Kernel 2.5.19
cpe:/o:linux:linux_kernel:2.4.24_ow1
cpe:/o:linux:linux_kernel:2.4.12Linux Kernel 2.4.12
cpe:/o:linux:linux_kernel:2.5.67Linux Kernel 2.5.67
cpe:/o:linux:linux_kernel:2.4.11Linux Kernel 2.4.11
cpe:/o:linux:linux_kernel:2.5.68Linux Kernel 2.5.68
cpe:/o:linux:linux_kernel:2.5.61Linux Kernel 2.5.61
cpe:/o:linux:linux_kernel:2.4.18:pre1Linux Kernel 2.4.18 pre1
cpe:/o:linux:linux_kernel:2.5.62Linux Kernel 2.5.62
cpe:/o:linux:linux_kernel:2.4.18:pre2Linux Kernel 2.4.18 pre2
cpe:/o:linux:linux_kernel:2.5.63Linux Kernel 2.5.63
cpe:/o:linux:linux_kernel:2.5.64Linux Kernel 2.5.64
cpe:/o:linux:linux_kernel:2.4.19:pre1Linux Kernel 2.4.19 pre1
cpe:/o:linux:linux_kernel:2.4.19:pre2Linux Kernel 2.4.19 pre2
cpe:/o:linux:linux_kernel:2.4.19Linux Kernel 2.4.19
cpe:/o:linux:linux_kernel:2.4.14Linux Kernel 2.4.14
cpe:/o:linux:linux_kernel:2.5.69Linux Kernel 2.5.69
cpe:/o:linux:linux_kernel:2.4.13Linux Kernel 2.4.13
cpe:/o:linux:linux_kernel:2.4.16Linux Kernel 2.4.16
cpe:/o:linux:linux_kernel:2.4.15Linux Kernel 2.4.15
cpe:/o:linux:linux_kernel:2.4.10Linux Kernel 2.4.10
cpe:/o:linux:linux_kernel:2.5.65Linux Kernel 2.5.65
cpe:/o:linux:linux_kernel:2.5.66Linux Kernel 2.5.66
cpe:/o:linux:linux_kernel:2.4.18Linux Kernel 2.4.18
cpe:/o:linux:linux_kernel:2.4.17Linux Kernel 2.4.17
cpe:/o:linux:linux_kernel:2.4.18:pre6Linux Kernel 2.4.18 pre6
cpe:/o:linux:linux_kernel:2.4.18:pre3Linux Kernel 2.4.18 pre3
cpe:/o:linux:linux_kernel:2.4.27:pre1Linux Kernel 2.4.27 pre1
cpe:/o:linux:linux_kernel:2.5.60Linux Kernel 2.5.60
cpe:/o:linux:linux_kernel:2.4.18:pre4Linux Kernel 2.4.18 pre4
cpe:/o:linux:linux_kernel:2.4.19:pre5Linux Kernel 2.4.19 pre5
cpe:/o:linux:linux_kernel:2.4.27:pre2Linux Kernel 2.4.27 pre2
cpe:/o:linux:linux_kernel:2.4.19:pre6Linux Kernel 2.4.19 pre6
cpe:/o:linux:linux_kernel:2.4.21:pre1Linux Kernel 2.4.21 pre1
cpe:/o:linux:linux_kernel:2.4.19:pre3Linux Kernel 2.4.19 pre3
cpe:/o:linux:linux_kernel:2.4.18:pre7Linux Kernel 2.4.18 pre7
cpe:/o:linux:linux_kernel:2.4.19:pre4Linux Kernel 2.4.19 pre4
cpe:/o:linux:linux_kernel:2.4.18:pre8Linux Kernel 2.4.18 pre8
cpe:/o:linux:linux_kernel:2.4.23Linux Kernel 2.4.23
cpe:/o:linux:linux_kernel:2.4.22Linux Kernel 2.4.22
cpe:/o:linux:linux_kernel:2.4.18:pre5Linux Kernel 2.4.18 pre5
cpe:/o:linux:linux_kernel:2.4.25Linux Kernel 2.4.25
cpe:/o:linux:linux_kernel:2.4.24Linux Kernel 2.4.24
cpe:/o:linux:linux_kernel:2.4.26Linux Kernel 2.4.26
cpe:/o:linux:linux_kernel:2.4.21Linux Kernel 2.4.21
cpe:/o:linux:linux_kernel:2.4.20Linux Kernel 2.4.20
cpe:/o:linux:linux_kernel:2.6_test9_cvs
cpe:/o:linux:linux_kernel:2.4.9Linux Kernel 2.4.9
cpe:/o:linux:linux_kernel:2.4.8Linux Kernel 2.4.8
cpe:/o:linux:linux_kernel:2.4.7Linux Kernel 2.4.7
cpe:/o:linux:linux_kernel:2.4.6Linux Kernel 2.4.6

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0658
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0658
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200408-116
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=108793792820740
(UNKNOWN)  BUGTRAQ  20040622 linux kernel IEEE1394(Firewire) driver integer overflow
http://xforce.iss.net/xforce/xfdb/16480
(VENDOR_ADVISORY)  XF  linux-1394-integer-bo(16480)

- 漏洞信息

Linux Kernel IEEE 1394驱动整数溢出漏洞
高危 边界条件错误
2004-08-06 00:00:00 2005-10-20 00:00:00
本地  
        
        Linux是一款开放源代码操作系统。
        Linux Kernel包含的IEEE 1394驱动存在整数溢出问题,本地攻击者可以利用这个漏洞进行本地拒绝服务攻击或提升权限。
        IEEE 1394包含的alloc_hpsb_packet()函数接收无符号整数参数,并用于分配内核内存,结果可导致几G的内存数据拷贝到小的缓冲区中,这可能导致系统崩溃。在部分情况下也可能用于提升权限。
        

- 公告与补丁

        厂商补丁:
        Linux
        -----
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.kernel.org/

- 漏洞信息

7253
Linux Kernel IEEE 1394 (Firewire) Driver Integer Overflow DoS
Local Access Required Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown

- 漏洞描述

A local overflow exists in Linux kernel. The IEEE1394 kernel driver fails to perform bounds checking on a user data structure when being copied to a kernel buffer. This flaw in the alloc_hpsb_packet() function results in a buffer overflow. With a specially crafted request, an attacker can cause DOS and possible code execution resulting in a loss of availability.

- 时间线

2004-06-22 Unknow
Unknow Unknow

- 解决方案

The vulnerability reported is incorrect. No solution required.

- 相关参考

- 漏洞作者

- 漏洞信息

Linux Kernel IEEE 1394 Integer Overflow Vulnerability
Boundary Condition Error 10593
No Yes
2004-06-22 12:00:00 2009-07-12 05:16:00
infamous41md@hotpop.com disclosed this vulnerability to Bugtraq.

- 受影响的程序版本

Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.9
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.6
Linux kernel 2.5.5
Linux kernel 2.5.4
Linux kernel 2.5.3
Linux kernel 2.5.2
Linux kernel 2.5.1
Linux kernel 2.5 .0
Linux kernel 2.4.27 -pre2
Linux kernel 2.4.27 -pre1
Linux kernel 2.4.26
Linux kernel 2.4.25
Linux kernel 2.4.24 -ow1
Linux kernel 2.4.24
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23 -ow2
Linux kernel 2.4.23
Linux kernel 2.4.22
+ Devil-Linux Devil-Linux 1.0.5
+ Devil-Linux Devil-Linux 1.0.4
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Red Hat Fedora Core1
+ Slackware Linux 9.1
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8
Linux kernel 2.4.20
+ CRUX CRUX Linux 1.0
+ Gentoo Linux 1.4
+ Gentoo Linux 1.2
+ RedHat Linux 9.0 i386
+ Slackware Linux 9.0
+ WOLK WOLK 4.4 s
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
Linux kernel 2.4.18
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
Linux kernel 2.4.12
+ Conectiva Linux 7.0
Linux kernel 2.4.11
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.9
Linux kernel 2.4.8
Linux kernel 2.4.7
+ RedHat Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1
Linux kernel 2.4.6
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.4
Linux kernel 2.4.3
Linux kernel 2.4.2
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
Linux kernel 2.4.1
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4

- 漏洞讨论

The driver for IEEE 1394 in the Linux kernel is reported to contain an integer overflow vulnerability.

The driver contains a function called alloc_hpsb_packet(). This function takes an unsigned integer argument and uses it to allocate kernel memory. When allocating memory, the value is incremented, potentially overflowing the integer.

There are multiple code paths leading to the vulnerable alloc_hpsb_packet() function, with multiple possible methods of exploiting this vulnerability.

Successful exploitation could lead to system crash, or possible code execution.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站