Tuesday, November 01, 2005

Linux Kernel Potential Buffer Overflow Vulnerabilities

Via Secunia.

Secunia Advisory: SA17384
Release Date: 2005-11-01
Critical: Not critical
Impact: Unknown
Where: Local system
Solution Status: Vendor Patch

OS: Linux Kernel 2.6.x


Description:
Two vulnerabilities have been reported in the Linux Kernel, with an unknown impact.

1) A boundary error due to missing parameter validation in the "map_to_seg7()" function in "drivers/usb/input/map_to_7segment.h" of the Yealink driver may cause out-of-bound memory references.

2) A boundary error in "/drivers/i2c/i2c-core.c" when handling SMBus Block Write transactions may cause a buffer overflow.
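Both items above are the same class of defect: a caller-supplied index or length is used against a fixed-size buffer before it is validated. The user-space C below is an added illustration of the checks involved, not the kernel's code or the upstream patch; `seg7_lookup`, `build_block_write`, `struct seg7_map`, the 128-entry table size and the sample data are assumptions made for the example, while 32 bytes is the SMBus block-transfer limit.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SEG7_TABLE_SIZE 128   /* assumption: one entry per 7-bit character code */
#define SMBUS_BLOCK_MAX 32    /* SMBus block transfers carry at most 32 data bytes */

/* Hypothetical stand-in for a character-to-segment map, not the driver's struct. */
struct seg7_map { uint8_t table[SEG7_TABLE_SIZE]; };

/* Look up a segment pattern; reject any index outside the table. */
int seg7_lookup(const struct seg7_map *map, int c)
{
    if (c < 0 || c >= SEG7_TABLE_SIZE)
        return -EINVAL;
    return map->table[c];
}

/*
 * Build a block-write frame: command byte, count byte, then the data.
 * block[0] is the caller-supplied count and block[1..count] the data.
 * Returns the frame length, or -EINVAL if any bound would be exceeded.
 */
int build_block_write(uint8_t command, const uint8_t *block, size_t block_size,
                      uint8_t *frame, size_t frame_size)
{
    size_t count;

    if (block_size < 1)
        return -EINVAL;
    count = block[0];
    if (count > SMBUS_BLOCK_MAX)          /* length byte is untrusted input */
        return -EINVAL;
    if (count + 1 > block_size)           /* source holds fewer bytes than claimed */
        return -EINVAL;
    if (count + 2 > frame_size)           /* destination too small */
        return -EINVAL;
    frame[0] = command;
    memcpy(&frame[1], block, count + 1);  /* count byte plus data */
    return (int)(count + 2);
}

/* Constructed sample input: a 3-byte block and an output buffer. */
static const uint8_t sample_block[] = { 3, 0xde, 0xad, 0xbe };
static uint8_t sample_frame[SMBUS_BLOCK_MAX + 2];
static const struct seg7_map sample_map = { .table = { ['A'] = 0x77 } };
```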

Solution:
The vulnerabilities have been fixed in version 2.6.14-git4.

Provided and/or discovered by:
Reported by vendor.

Original Advisory:
Kernel.org:
http://www.kernel.org/git/?p=lin...b817532965d18b792d6d74afecfb0bcf
http://www.kernel.org/git/?p=lin...5981537ff3b8df6433951de6c9cb72cb
http://www.kernel.org/pub/linux/.../snapshots/patch-2.6.14-git4.log
