QwikSec

Security Database

CVE

CWE

Training

CVE-2008-3276

Published: Aug 18, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=459226

x_refsource_CONFIRM

oval:org.mitre.oval:def:11506

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20080815 CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2008:052

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_SECTRACK

http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=3e8a0a559c66ee9e7468195691a56fefc3589740

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2008-3276 - Security Vulnerability | QwikSec