ID CVE-2007-1734
Summary The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 16-10-2018 - 16:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bugtraq 20070327 Re: [Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability
sectrack 1017820
sreason 2511
xf
  • kernel-dccp-information-disclosure(33274)
  • linux-kernel-dccp-info-disclosure(43321)
statements via4
contributor Mark J Cox
lastmodified 2007-10-23
organization Red Hat
statement Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 16-10-2018 - 16:40
Published 28-03-2007 - 22:19
Last modified 16-10-2018 - 16:40
Back to Top