blob: 504f0c1dcb2a6abc07049a63d144a28219acb2f0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Candidate: CVE-2006-0038
References:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186295
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee4bb818ae35f68d1f848eae0a7b150a38eb4168
Description:
Integer overflow in the do_replace function in netfilter for Linux
before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ,
allows local users with CAP_NET_ADMIN rights to cause a buffer overflow
in the copy_from_user function.
Notes:
dannf> Submitted to Marcelo for 2.4
Bugs:
upstream: released (2.6.16-rc3)
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3) [netfilter-do_replace-overflow.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge3) [221_netfilter-do_replace-overflow.diff]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
|
