1. Home
  2. Vulnerabilities
  3. CVE-2008-2358

CVE-2008-2358

CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 1
Advisories 3
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.

Weaknesses
CWE-189
Numeric Errors
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2008-06-10 00:32:00
(16 years ago)
Updated Date
2017-09-29 01:31:08
(7 years ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel 2.6.17 cpe:2.3:o:linux:linux_kernel:2.6.17
  Linux Kernel 2.6.18 cpe:2.3:o:linux:linux_kernel:2.6.18
  Linux Kernel 2.6.19 cpe:2.3:o:linux:linux_kernel:2.6.19
  Linux Kernel 2.6.20 cpe:2.3:o:linux:linux_kernel:2.6.20