Bug 324791 - (CVE-2004-2731) CVE-2004-2731 Interger overflows in Sbus PROM driver in Linux kernel
CVE-2004-2731 Interger overflows in Sbus PROM driver in Linux kernel
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-09 08:26 EDT by Lubomir Kundrak
Modified: 2007-10-09 08:51 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-09 08:51:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lubomir Kundrak 2007-10-09 08:26:03 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2004-2731 to the following vulnerability:

Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.

References:

http://archives.neohapsis.com/archives/bugtraq/2004-06/0463.html
Comment 2 Lubomir Kundrak 2007-10-09 08:51:43 EDT
Not vulnerable. Linux kernel as shipped with with Red Hat Enterprise Linux 2.1,
3, 4 or 5 did not include the Sbus PROM module and therefore are not affected by
this issue.

Note You need to log in before you can comment on or make changes to this bug.