ROS-20260112-7304

A vulnerability in the afax25.c component of the Linux operating system kernel is related to the allocation of unlimited memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2019-17052

ax25create in net/ax25/afax25.c in the AFAX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768...

UBUNTU-CVE-2019-17052

ax25create in net/ax25/afax25.c in the AFAX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768...

Integer overflow

Integer signedness error in the ax25setsockopt function in net/ax25/afax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service OOPS via a crafted optlen value in an SOBINDTODEVICE operation...

Linux Kernel 'net/ax25/af_ax25.c'本地拒绝服务漏洞

Bugraq ID: 36635 Linux是一款开放源代码的操作系统。 Linux不正确校验用户值的符号正负，本地攻击者可以利用漏洞使内核崩溃。 ax25代码尝试使用： if optlen sizeofint return -EINVAL; 对设置套接字选项中的optlen是否会负（或零）做安全检查。 不幸的是"sizeofint"是一个无符号属性，结果可导致整个比较在无符号的情况下完成，是的负值可绕过检查。 Linux kernel 2.6.31 -rc7 Linux kernel 2.6.31 -rc6 Linux kernel 2.6.31 -rc3 + Trustix Secu...