Main Vulnerability Database Exploits ID:10297 - Exploit for Out-of-bounds read in Linux kernel - CVE-2007-1734

ID:10297 - Exploit for Out-of-bounds read in Linux kernel - CVE-2007-1734

Published: August 2, 2024

Vulnerability identifier: #VU95259

Vulnerability risk: Low

CVE-ID: CVE-2007-1734

CWE-ID: CWE-125

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/3595/

Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.

Remediation

Install update from vendor's repository.

ID:10297 - Exploit for Out-of-bounds read in Linux kernel - CVE-2007-1734

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human