Vigil@nce - Linux kernel: buffer overflow of ROSE
March 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local or remote attacker can use several ROSE vulnerabilities,
in order to stop the kernel, or to execute code.
Severity: 2/4
Creation date: 21/03/2011
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The kernel implements the ROSE protocol, used by amateur radio
(ham radio).
The following functions do not check the size of data received
from the ROSE protocol:
rose_loopback_timer()
rose_parse_ccitt()
rose_parse_facilities()
rose_parse_national()
rose_route_frame()
rose_rx_call_request()
A local or remote attacker can therefore use several ROSE
vulnerabilities, in order to stop the kernel, or to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-buffer-overflow-of-ROSE-10469
To change your email preferences (frequency, severity threshold, format):
https://vigilance.fr/?action=2041549901&langue=2