QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1770

Published: Jun 24, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

[linux-kernel] 20110506 [PATCH] dccp: handle invalid feature options length

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

[linux-kernel] 20110506 Re: [PATCH] dccp: handle invalid feature options length

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=703011

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SREASON

FEDORA-2011-7823

vendor-advisory

x_refsource_FEDORA

http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14

x_refsource_CONFIRM

FEDORA-2011-7551

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.