blob: 298970a20362419e25688392a8e41ac101914e58 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Candidate: CVE-2008-2358
Description:
The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux
kernel 2.6.18, and probably other versions, does not properly check
feature lengths, which might allow remote attackers to execute arbitrary
code, related to an unspecified "overflow."
References:
Ubuntu-Description:
Notes:
kees> linux-2.6: 19443178fbfbf40db15c86012fc37df1a44ab857
dannf> Only effects 2.6.17-2.6.19, between
dannf> afe00251dd9b53d51de91ff0099961f42bbf3754 and
dannf> c02fdc0e81e9c735d8d895af1e201b235df326d8
Bugs:
upstream: released (2.6.26)
linux-2.6: released (2.6.26-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-18etch6) [bugfix/dccp-feature-length-check.patch]
2.6.24-etch-security: N/A
2.6.26-lenny-security: N/A
2.6.15-dapper-security: N/A
2.6.20-feisty-security: released (2.6.20-17.37)
2.6.22-gutsy-security: released (2.6.22-15.56)
2.6.24-hardy-security: released (2.6.24-19.36)
|