CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-1368

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile36.58th
Published2006年3月23日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.

Affected Platforms (CPE)

💻
Linux

Linux Kernel

<= 2.6.15

References & Advisories

🔗 http://secunia.com/advisories/19330
🔗 http://secunia.com/advisories/19955
🔗 http://secunia.com/advisories/20671
🔗 http://secunia.com/advisories/20914
🔗 http://secunia.com/advisories/21045
🔗 http://www.debian.org/security/2006/dsa-1097
🔗 http://www.debian.org/security/2006/dsa-1103
🔗 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8763716bfe4d8a16bef28c9947cf9d799b1796a5

相关漏洞威胁

CVE-2000-074710.0

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and k...

CVE-2002-157210.0

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown imp...

CVE-2000-050610.0

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting th...

CVE-2002-157310.0

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and...