Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel IEEE 1394驱动整数溢出漏洞
Vulnerability Description
Linux是一款开放源代码操作系统。 Linux Kernel包含的IEEE 1394驱动存在整数溢出问题,本地攻击者可以利用这个漏洞进行本地拒绝服务攻击或提升权限。 IEEE 1394包含的alloc_hpsb_packet()函数接收无符号整数参数,并用于分配内核内存,结果可导致几G的内存数据拷贝到小的缓冲区中,这可能导致系统崩溃。在部分情况下也可能用于提升权限。
CVSS Information
N/A
Vulnerability Type
N/A