The X.25 implementation in the Linux kernel prior to 2.6.36.2 does not properly parse facilities, which allows remote malicious users to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
suse linux enterprise server 9 |
||
opensuse opensuse 11.4 |
||
debian debian linux 5.0 |