Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 156675 - Kernel: get_fdb_entries() integer overflow
Summary: Kernel: get_fdb_entries() integer overflow
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard: [2.6 - 2.6.7 < 2.6.18.3]
Keywords:
Depends on:
Blocks:
 
Reported: 2006-11-29 18:42 UTC by Jule Slootbeek
Modified: 2006-12-08 18:44 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jule Slootbeek 2006-11-29 18:42:27 UTC 
Eugene Teo reported the following kernel vulnerability:

Linux 2.6.7-18.3 get_fdb_entries() function is vulnerable to an integer overflow condition. This could be abused to force memory allocation of an attacker controlled size. Successful exploitation could allow arbitrary code execution.
Comment 1 Harlan Lieberman-Berg (RETIRED) gentoo-dev 2006-12-08 18:44:20 UTC 
Duplicate of 155771