CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
86.0%
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel
2.6.24.4, and other versions before 2.6.30-rc1, might allow remote
attackers to obtain sensitive information via a large length value, which
causes “garbage” memory to be sent.