SUSE CVE-2004-2607

A numeric casting discrepancy in sdlaxfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer...

Debian DSA-1018-2 : kernel-source-2.4.27 - several vulnerabilities

The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description : Several local and remote vulnerabilities have been discovered in t...

CVE-2004-2607

A numeric casting discrepancy in sdlaxfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer...

CVE-2004-2607

CVE-2004-2607 is a local-read vulnerability in the Linux kernel (sdla_xfer) caused by casting a large len argument received as int to a short, preventing a read loop from filling a buffer. The description applies to Linux kernel 2.6.x (up to 2.6.5) and 2.4 (up to 2.4.29-rc1). Public documents con...