CVE-2008-2358

2008-06-10T00:32:00
ID CVE-2008-2358
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:31:00

Description

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow. Patch information can be found at the following location:

http://lists.debian.org/debian-security-announce/2008/msg00172.html