Published: 28/03/2007 Updated: 16/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.20
linux linux kernel 2.6.20.1
linux linux kernel 2.6.20.2

/* Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory Vulnerable Systems: Linux Kernel Versions: >= 2620 with DCCP support enabled Kernel versions <2620 lack DCCP_SOCKOPT_SEND_CSCOV/DCCP_SOCKOP ...

#include <netinet/inh> #include <stdioh> #include <sys/typesh> #include <sys/socketh> #include <net/ifh> #include <sys/mmanh> #include <linux/neth> #define BUFSIZE 0x10000000 int main(int argc, char *argv[]) { void *mem = mmap(0, BUFSIZE, PROT_READ | PROT_WRITE, MAP_ANONYMOUS | M ...

NVD-CWE-Other http://www.securitytracker.com/id?1017820 http://securityreason.com/securityalert/2511 https://exchange.xforce.ibmcloud.com/vulnerabilities/43321 https://exchange.xforce.ibmcloud.com/vulnerabilities/33274 http://www.securityfocus.com/archive/1/463969/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/3587/

CVE-2007-1734

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect