CVE-2008-5396
09.12.2008, 00:30
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.Enginsight
| Vendor | Product | Version |
|---|---|---|
| asterisk | zaptel | 𝑥 ≤ 1.4.11 |
| asterisk | zaptel | 1.2 |
| asterisk | zaptel | 1.2.27 |
| asterisk | zaptel | 1.4 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||||||||||||
| linux-ec2 |
| ||||||||||||||||||||
| linux-fsl-imx51 |
| ||||||||||||||||||||
| linux-lts-backport-maverick |
| ||||||||||||||||||||
| linux-lts-backport-natty |
| ||||||||||||||||||||
| linux-lts-backport-oneiric |
| ||||||||||||||||||||
| linux-mvl-dove |
| ||||||||||||||||||||
| linux-source-2.6.15 |
| ||||||||||||||||||||
| linux-source-2.6.22 |
| ||||||||||||||||||||
| linux-ti-omap4 |
| ||||||||||||||||||||
| zaptel |
|
Common Weakness Enumeration
References