|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
Description |
A local overflow exists in the Omnikey CardMan 4040 linux drivers. The issue is due to a boundary error in the read() and write() functions. With a specially crafted request, an attacker with write permissions to a cmx device file can cause a denial of service and possibly execute arbitrary code on the system resulting in a loss of integrity.
|
|
Classification |
Location:
Local Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 2.6.21-rc3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
Kernel
 |
2.6.10.x |
2.6.11.x |
2.6.12.x |
2.6.13.x |
2.6.14.x |
2.6.9.x |
2.6.8.x |
2.6.7.x |
2.6.5.x |
2.6.4.x |
2.6.3.x |
2.6.2.x |
2.6.1.x |
2.6.6.x |
2.6.15.x |
2.6.16.x |
2.6.20.x |
2.6.19.x |
2.6.18.x |
2.6.17.x |
2.6.21-rc1 |
2.6.21-rc2 |
2.6.21-rc3 |
|
|
|
|
|
|
Credit |
- Daniel Roethlisberger - daniel.roethlisberger
 csnc.ch - Compass Security Network Computing AG
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
