You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to
https://nvd.nist.gov
An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Current Description
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 up to 2.6.19.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field.
Metrics
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
Red Hat is aware of this issue and is tracking it for Red Hat Enterprise Linux 4 via the following bug:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602
This issue does not affect the version of the Linux kernel shipped with Red Hat Enterprise Linux 2.1 or 3.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected].
Múltiples desbordamientos de búfer en la función cmtp_recv_interopmsg en el controlador Bluetooth (net/bluetooth/cmtp/capi.c) en el kernel de Linux 2.4.22 hasta la versión 2.4.33.4 y 2.6.2 en versiones anteriores a 2.6.18.6 y 2.6.19.x, permiten a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de mensajes CAPI con un valor grande para la longitud del campo (1) manu (fabricante) o (2) serial (número de serie).
Removed
Translation
Múltiples desbordamientos de búfer en la función cmtp_recv_interopmsg en el controlador de Bluetooth (net/bluetooth/cmtp/capi.c) en el núcleo de Linux desde 2.4.22 hasta 2.4.33.4 y 2.6.2 anterior a 2.6.18.6, y 2.6.19.x permiten a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante mensajes CAPI con un valor grande para la longitud de los campos (1) manu (fabricante) o (2) serial (número de serie).
CVE Modified by Red Hat, Inc.10/17/2016 11:42:08 PM
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
