Main Vulnerability Database Vulnerabilities #VU95488

Improper input validation in Linux kernel - CVE-2002-1573

Published: December 31, 2002 / Updated: September 5, 2008

Vulnerability identifier: #VU95488

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2002-1573

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to 'wrap handling.'

How to mitigate CVE-2002-1573

Install update from vendor's repository.

Sources

http://linux.bkbits.net:8080/linux-2.4/cset@3d6aadcbBIDX67Zl6zZnVKRcsilCVQ
http://www.redhat.com/support/errata/RHSA-2002-205.html
http://www.redhat.com/support/errata/RHSA-2002-206.html

Improper input validation in Linux kernel - CVE-2002-1573

Detailed vulnerability description

How to mitigate CVE-2002-1573

Sources

Please verify you're human