kernel: denial of service [LWN.net]

Package(s):

kernel

CVE #(s):

CVE-2007-3642

Created:

July 23, 2007

Updated:

November 14, 2007

Description:

The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c in the Linux kernel before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference.

Alerts:

Ubuntu	USN-510-1	2007-08-31
Debian	DSA-1356-1	2007-08-15
Fedora	FEDORA-2007-655	2007-08-09
Fedora	FEDORA-2007-1130	2007-07-20

(Log in to post comments)