Lucene search

RedhatCVE-2007-1353

HistoryApr 24, 2007 - 4:19 p.m.

CVE-2007-1353

2007-04-2416:19:00

redhat

web.nvd.nist.gov

cve-2007-1353

linux kernel

bluetooth

vulnerability

stack buffer

memory

sensitive information

security advisory

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON

The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.4.34.2

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

References

rhn.redhat.com/errata/RHSA-2007-0488.html

secunia.com/advisories/24976

secunia.com/advisories/25596

secunia.com/advisories/25683

secunia.com/advisories/25700

secunia.com/advisories/25838

secunia.com/advisories/26133

secunia.com/advisories/26139

secunia.com/advisories/26289

secunia.com/advisories/26379

secunia.com/advisories/26450

secunia.com/advisories/26478

secunia.com/advisories/27528

secunia.com/advisories/29058

support.avaya.com/elmodocs2/security/ASA-2007-287.htm

support.avaya.com/elmodocs2/security/ASA-2007-404.htm

www.debian.org/security/2007/dsa-1356

www.debian.org/security/2008/dsa-1503

www.debian.org/security/2008/dsa-1504

www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34.3

www.novell.com/linux/security/advisories/2007_35_kernel.html

www.redhat.com/support/errata/RHSA-2007-0671.html

www.redhat.com/support/errata/RHSA-2007-0672.html

www.redhat.com/support/errata/RHSA-2007-0673.html

www.securityfocus.com/bid/23594

www.ubuntu.com/usn/usn-470-1

www.ubuntu.com/usn/usn-486-1

www.ubuntu.com/usn/usn-489-1

www.vupen.com/english/advisories/2007/1495

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10626

rhn.redhat.com/errata/RHSA-2007-0376.html

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON

Related for CVE-2007-1353