Lucene search

K

[email protected]CVE-2007-5938

HistoryDec 06, 2007 - 3:46 p.m.

CVE-2007-5938

2007-12-0615:46:00

CWE-189

[email protected]

web.nvd.nist.gov

32

cve-2007-5938

iwlwifi

denial of service

kernel panic

remote attackers

nvd

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.049 Low

EPSS

Percentile

92.8%

The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.

CPENameOperatorVersion
intel:wireless_wifi_link_4965agnintel wireless wifi link 4965agneq1.1.21
intel:pro_wireless_3945abgintel pro wireless 3945abgeq1.1.21

References

article.gmane.org/gmane.linux.drivers.ipw3945.devel/1618

bugs.gentoo.org/show_bug.cgi?id=199209

osvdb.org/44749

secunia.com/advisories/29236

www.intellinuxwireless.org/repos/?p=iwlwifi.git%3Ba=commitdiff%3Bh=25db44d4cdfe31d59223d74cb577f4a71aff1a40

www.redhat.com/support/errata/RHSA-2008-0154.html

www.securityfocus.com/bid/26842

www.vupen.com/english/advisories/2007/4211

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10787

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.049 Low

EPSS

Percentile

92.8%

Related for CVE-2007-5938

prion1 ubuntucve1 seebug1 veracode1 fedora9 openvas21 nessus5 centos1 oraclelinux1 redhat1