HOME > VULNERABILITY NOTES


   VULNERABILITY NOTE

 

CERT-In Vulnerability Note CIVN-2008-134
Linux Kernel "dccp_setsockopt_change()" Integer Overflow Vulnerability

Original Issue Date: August 20, 2008

Severity Rating: High

Systems Affected

  • Linux Kernel Versions 2.6.17-rc1 and later

Overview

A vulnerability has been reported in Linux Kernel, which could be exploited by a remote attacker to cause a Denial of Service.

Description

 The vulnerability exists in the 'dccp_setsockopt_change()' function in the 'net/dccp/proto.c' in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux Kernel. This is caused due to a lack of sanitization performed on a user-controlled integer value before the value being used as the size argument of a memory allocation operation. A remote attacker can exploit this issue to trigger a kernel panic.

Solution

 This issue is fixed in the GIT repository
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3e8a0a559c66ee9e7468195691a
56fefc3589740

Vendor Information

 Linux Kernel
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3e8a0a559c66ee9e7468195691a
56fefc3589740

References

 Redhat
https://bugzilla.redhat.com/show_bug.cgi?id=459226

Secunia
http://secunia.com/advisories/31509/

Juniper Networks
http://www.juniper.net/security/auto/vulnerabilities/
vuln30704.html

CVE Name
CVE-2008-3276

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003