CVE-2004-2013 - CERT CVE
ID CVE-2004-2013
Sažetak Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
Reference
CVSS
Base: 7.2
Impact: 10.0
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:L/AC:L/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 08-02-2024 - 17:59
Objavljeno 31-12-2004 - 05:00