10

CVE-2007-2831

Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MadwifiMadwifi Version <= 0.9.3
MadwifiMadwifi Version0.9.0
MadwifiMadwifi Version0.9.1
MadwifiMadwifi Version0.9.2
MadwifiMadwifi Version0.9.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.46% 0.875
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/26083
Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://secunia.com/advisories/25861
Vendor Advisory
http://www.ubuntu.com/usn/usn-479-1
http://madwifi.org/wiki/Security
Patch
http://secunia.com/advisories/25339
Vendor Advisory
http://secunia.com/advisories/25622
Vendor Advisory
http://secunia.com/advisories/25763
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200706-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:132
http://www.securityfocus.com/archive/1/470674/100/100/threaded
http://www.securityfocus.com/bid/24114
http://www.vupen.com/english/advisories/2007/1919
http://madwifi.org/ticket/1334
Patch
http://osvdb.org/36637
https://exchange.xforce.ibmcloud.com/vulnerabilities/34453