Candidate: CVE-2007-6151 References: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eafe1aa37e6ec2d56f14732b5240c4dd09f0613a Description: The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a struct in which iocts is not null terminated, which triggers a buffer overflow. Ubuntu-Description: Notes: Bugs: upstream: linux-2.6: released (2.6.23-2) 2.6.18-etch-security: released (2.6.18.dfsg.1-17etch1) [bugfix/i4l-isdn_ioctl-mem-overrun.patch] 2.6.8-sarge-security: released (2.6.8-17sarge1) [i4l-isdn_ioctl-mem-overrun.dpatch] 2.4.27-sarge-security: released (2.4.27-10sarge6) [256_i4l-isdn_ioctl-mem-overrun.diff] 2.6.15-dapper-security: released (2.6.15-51.65) 2.6.17-edgy-security: released (2.6.17.1-12.43) 2.6.20-feisty-security: released (2.6.20-16.34) 2.6.22-gutsy-security: released (2.6.22-14.48)