Skip to main content

CVE-2007-1734

Severity High
Score 7.2/10

Summary

The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.

  • LOW
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published