Back to search
CVE-2004-2607
Published: Dec 3, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
18977
third-party-advisory
x_refsource_SECUNIA
19369
third-party-advisory
x_refsource_SECUNIA
DSA-1018
vendor-advisory
x_refsource_DEBIAN
MDKSA-2006:044
vendor-advisory
x_refsource_MANDRIVA
16759
vdb-entry
x_refsource_BID
[linux-kernel] 20040416 Re: [CHECKER] Probable security holes in 2.6.5
mailing-list
x_refsource_MLIST
MDKSA-2006:072
vendor-advisory
x_refsource_MANDRIVA
[linux-kernel] 20040416 Re: [CHECKER] Probable security holes in 2.6.5
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now