A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 2.4.0 |
||
linux linux kernel 2.4.18 |
||
linux linux kernel 2.4.19 |
||
linux linux kernel 2.4.23 |
||
linux linux kernel 2.4.23_ow2 |
||
linux linux kernel 2.4.27 |
||
linux linux kernel 2.6.0 |
||
linux linux kernel 2.6.1 |
||
linux linux kernel 2.4.21 |
||
linux linux kernel 2.4.28 |
||
linux linux kernel 2.4.29 |
||
linux linux kernel 2.4.24 |
||
linux linux kernel 2.4.24_ow1 |
||
linux linux kernel 2.4.25 |
||
linux linux kernel 2.4.26 |
||
linux linux kernel 2.6.3 |
||
linux linux kernel 2.6.4 |
||
linux linux kernel 2.6.5 |
||
linux linux kernel 2.4.22 |
||
linux linux kernel 2.6.2 |