Vulnonym.org

CVE-2008-1675 - Ancient Specialties

Description

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size which has unspecified impact and local attack vectors probably related to reading or writing kernel memory.

Reference

http://marc.info/?l=linux-kernel&m=120949204619718&w=2 http://marc.info/?l=linux-kernel&m=120949204519706&w=2 http://marc.info/?l=linux-kernel&m=120949582428998&w=2 http://wiki.rpath.com/Advisories:rPSA-2008-0157 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1 https://issues.rpath.com/browse/RPL-2501 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html http://www.securityfocus.com/bid/29014 http://www.securitytracker.com/id?1019960 http://secunia.com/advisories/30017 http://secunia.com/advisories/30044 http://secunia.com/advisories/30260 http://www.mandriva.com/security/advisories?name=MDVSA-2008:109 http://secunia.com/advisories/30515 http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 http://www.vupen.com/english/advisories/2008/1406/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42132 https://usn.ubuntu.com/614-1/ http://www.securityfocus.com/archive/1/491732/100/0/threaded http://www.securityfocus.com/archive/1/491566/100/0/threaded