Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 156675

Summary: Kernel: get_fdb_entries() integer overflow
Product: Gentoo Security Reporter: Jule Slootbeek <jslootbeek>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5751
Whiteboard: [2.6 - 2.6.7 < 2.6.18.3]
Package list:
Runtime testing required: ---

Description Jule Slootbeek 2006-11-29 18:42:27 UTC 
Eugene Teo reported the following kernel vulnerability:

Linux 2.6.7-18.3 get_fdb_entries() function is vulnerable to an integer overflow condition. This could be abused to force memory allocation of an attacker controlled size. Successful exploitation could allow arbitrary code execution.
Comment 1 Harlan Lieberman-Berg (RETIRED) gentoo-dev 2006-12-08 18:44:20 UTC 
Duplicate of 155771