*** This bug is a security vulnerability ***

Public security bug reported:

Eugene Teo of Red Hat Security Response Team wrote:

"An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. The vulnerability exists due to a lack of sanitisation performed on a user-controlled integer value before the value is employed as the size argument of a memory allocation operation. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.

This affects kernel versions since 2.6.17-rc1.

The proposed upstream commit is: 3e8a0a559c66ee9e7468195691a56fefc3589740

I have allocated this CVE-2008-3276."

http://www.openwall.com/lists/oss-security/2008/08/15/3

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux-source-2.6.20 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux-source-2.6.22 (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-3276

** Visibility changed to: Public

** Also affects: linux-source-2.6.20 (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: linux-source-2.6.22 (Ubuntu)
   Importance: Undecided
       Status: New

-- 
[CVE-2008-3276] Linux kernel dccp_setsockopt_change() integer overflow
https://bugs.launchpad.net/bugs/258180
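Added example, not part of the bug report and not the kernel's code: a user-space C model of the bug class the report describes, where a caller-controlled integer is used as an allocation size, shown first without sanitisation and then with a range check. The struct, the function names and the 1..255 bounds are assumptions made for this illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define OPT_VAL_MAX 255 /* assumed upper bound for this model */

/* Hypothetical option request filled in by the caller; not the kernel's struct. */
struct opt_req {
    int32_t len;        /* caller-controlled length of val */
    const uint8_t *val; /* caller-supplied bytes */
};

/* Unsanitised pattern: the signed length reaches the allocator's size_t as-is. */
static size_t unchecked_alloc_size(const struct opt_req *r)
{
    return (size_t)r->len; /* -1 wraps to SIZE_MAX; 0 gives an empty buffer */
}

/* Sanitised pattern: range-check the length before it is used as a size. */
static int copy_opt_val(const struct opt_req *r, uint8_t **out, size_t *out_len)
{
    if (r == NULL || r->val == NULL || out == NULL || out_len == NULL)
        return -EFAULT;
    if (r->len < 1 || r->len > OPT_VAL_MAX)
        return -EINVAL;
    size_t n = (size_t)r->len;
    uint8_t *buf = malloc(n);
    if (buf == NULL)
        return -ENOMEM;
    memcpy(buf, r->val, n);
    *out = buf;
    *out_len = n;
    return 0;
}

int main(void)
{
    static const uint8_t sample[4] = {1, 2, 3, 4}; /* constructed input */
    int32_t lens[] = {-1, 0, 4, 256};
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        struct opt_req r = {lens[i], sample};
        uint8_t *buf = NULL;
        size_t n = 0;
        int rc = copy_opt_val(&r, &buf, &n);
        printf("len=%d unchecked=%zu rc=%d\n", (int)lens[i], unchecked_alloc_size(&r), rc);
        free(buf);
    }
    return 0;
}
```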