LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: arbitrary code execution

Package(s):kernel CVE #(s):CVE-2008-1673
Created:June 9, 2008 Updated:November 14, 2008
Description:

From the Debian advisory:

Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package.

Alerts:
SuSE SUSE-SR:2008:025 2008-11-14
SuSE SUSE-SA:2008:052 2008-10-21
SuSE SUSE-SA:2008:049 2008-10-02
SuSE SUSE-SA:2008:048 2008-10-01
SuSE SUSE-SA:2008:047 2008-10-01
SuSE SUSE-SA:2008:044 2008-09-11
Mandriva MDVSA-2008:174 2008-08-19
SuSE SUSE-SA:2008:038 2008-07-29
Ubuntu USN-625-1 2008-07-15
SuSE SUSE-SA:2008:035 2008-07-21
Fedora FEDORA-2008-5454 2008-06-20
Mandriva MDVSA-2008:113 2008-06-13
Fedora FEDORA-2008-5308 2008-06-12
rPath rPSA-2008-0189-1 2008-06-11
Debian DSA-1592-2 2008-06-09
Debian DSA-1592-1 2008-06-09
(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds