385861 – (CVE-2007-5938) CVE-2007-5938 NULL dereference in iwl driver

Bug 385861 (CVE-2007-5938) - CVE-2007-5938 NULL dereference in iwl driver

Summary: CVE-2007-5938 NULL dereference in iwl driver

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2007-5938
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:	http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard:
Depends On:
Blocks:	401421 401431
TreeView+	depends on / blocked

Reported:	2007-11-15 22:42 UTC by Red Hat Product Security
Modified:	2019-09-29 12:22 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-04-08 21:11:39 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2008:0154	0	normal	SHIPPED_LIVE	Important: kernel security and bug fix update	2008-03-05 13:58:42 UTC

Description Lubomir Kundrak 2007-11-15 22:42:48 UTC

Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5938 to the following vulnerability:

There is a NULL dereference vulnerability in function iwl_set_rate() in compatible/iwl3945-base.c. See References for original advisory:

References:

http://bugs.gentoo.org/show_bug.cgi?id=199209

Comment 8 Red Hat Bugzilla 2009-10-23 19:03:05 UTC

Reporter changed to security-response-team by request of Jay Turner.

Comment 9 Vincent Danen 2010-04-08 21:11:39 UTC

This issue does not affect Red Hat Enterprise Linux 3 or 4 due to not including the iwlwifi driver.  It did affect Red Hat Enterprise Linux 5 and was addressed via:

https://rhn.redhat.com/errata/RHSA-2008-0154.html

and

https://rhn.redhat.com/errata/RHBA-2008-0314.html

Note You need to log in before you can comment on or make changes to this bug.