CVE-2008-0384

2008-01-2219:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.8%

JSON

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

References

marc.info/?l=openbsd-security-announce&m=120007327504064

secunia.com/advisories/28473

www.openbsd.org/errata42.html#005_ifrtlabel

www.securityfocus.com/bid/27252

www.securitytracker.com/id?1019188

www.exploit-db.com/exploits/4935