CVE-2009-2909
Published: 20 October 2009
Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation.
Notes
Author | Note |
---|---|
kees | ABI bumper |
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Released
(2.6.24-26.64)
|
|
intrepid |
Released
(2.6.27-16.44)
|
|
jaunty |
Released
(2.6.28-17.58)
|
|
karmic |
Not vulnerable
|
|
upstream |
Released
(2.6.32~rc3)
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=blobdiff;f=include/net/sock.h;h=1621935aad5bc5b3e69299c136c685dd42dbff92;hp=950409dcec3d5763bf4822c4fb8599e20808c728;hb=b7058842c940ad2c08dd829b21e5c92ebe3b8758;hpb=eb1cf0f8f7a9e5a6d573d5bd72c015686a042db0 |
||
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-55.81)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Released
(2.6.32~rc3)
|