The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
CVE-2008-2812 (communication_manager, debian_linux, expanded_meet-me_conferencing, intuity_audix_lx, linux_desktop, linux_kernel, meeting_exchange, message_networking, messaging_storage_server, opensuse, proactive_contact, sip_enablement_services, suse_linux_enterprise_desktop, suse_linux_enterprise_server, ubuntu_linux)
Leave a reply
