OSVDB ID: 8363

Title: Linux Kernel Sbus PROM Driver copyin() Overflow

Dates

Disclosure: Jun 29, 2004
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

A local overflow exists in the Sbus PROM driver in the Linux kernel. The copyin function fails to check that an integer is not negative, resulting in an integer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code, resulting in a loss of integrity and/or availability.

Classification

Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

kernel.org

Linux

2.4.0
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.4.6
2.4.7
2.4.8
2.4.9
2.4.10
2.4.11
2.4.12
2.4.13
2.4.14
2.4.15
2.4.16
2.4.17
2.4.18
2.4.19
2.4.20
2.4.21
2.4.22
2.4.23
2.4.24
2.4.25
2.4.26
2.4.27
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7

References

Credit

  • Sean - infamous41mdhotpop.com


Direct URL: http://osvdb.org/8363