170862 – (CVE-2007-0005) Kernel: Buffer overflow in omnikey driver (CVE-2007-0005)

Bug 170862 (CVE-2007-0005) - Kernel: Buffer overflow in omnikey driver (CVE-2007-0005)

Summary: Kernel: Buffer overflow in omnikey driver (CVE-2007-0005)

Status:	RESOLVED FIXED

Alias:	CVE-2007-0005

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://cve.mitre.org/cgi-bin/cvename....
Whiteboard:	[linux < 2.6.16.44][linux >= 2.6.17 <...
Keywords:

Depends on:
Blocks:

Reported:	2007-03-14 12:41 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2013-09-05 02:50 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-03-14 12:41:03 UTC

Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges.

Comment 1 unnamedrambler 2008-03-07 19:14:59 UTC

[linux < 2.6.16.44] dfe67217aea3eb4ecbab736903f6ecee3458b8a8
[linux => 2.6.17 < 2.6.20.2] 7670279989a552a7a8afd275368d55a4f3b5054b
this patch also made it into 2.6.21 059819a41d4331316dd8ddcf977a24ab338f4300

[gp <2.6.20-3]