2 matches found
CVE-2004-1334
The CVE concerns the Linux kernel before 2.6.10, where the function ip_options_get is vulnerable to an integer overflow when cmsg_len is -1. This can be exploited by local users to trigger a kernel crash (DoS) via a crafted message length, leading to a buffer overflow. Affected component: kernel ...
CVE-2004-1334
Integer overflow in the ipoptionsget function in the Linux kernel before 2.6.10 allows local users to cause a denial of service kernel crash via a cmsglen that contains a -1, which leads to a buffer overflow...