#VU95739 Memory corruption in Linux kernel - CVE-2008-1673

Cybersecurity Help s.r.o.

Published: 2008-06-10 | Updated: 2023-02-13

Vulnerability identifier: #VU95739

Vulnerability risk: Low

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2008-1673

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6
https://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
https://bugzilla.redhat.com/show_bug.cgi?id=443962
https://www.debian.org/security/2008/dsa-1592
https://www.securityfocus.com/bid/29589
https://secunia.com/advisories/30580
https://www.securitytracker.com/id?1020210
https://secunia.com/advisories/30000
https://secunia.com/advisories/30658
https://www.ubuntu.com/usn/usn-625-1
https://wiki.rpath.com/wiki/Advisories:rPSA-2008-0189
https://secunia.com/advisories/30644
https://www.mandriva.com/security/advisories?name=MDVSA-2008:174
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00587.html
https://secunia.com/advisories/31107
https://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html
https://www.mandriva.com/security/advisories?name=MDVSA-2008:113
https://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html
https://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html
https://secunia.com/advisories/31836
https://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
https://secunia.com/advisories/32759
https://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
https://secunia.com/advisories/32104
https://secunia.com/advisories/32103
https://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
https://www.vupen.com/english/advisories/2008/1770
https://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html
https://secunia.com/advisories/32370
https://secunia.com/advisories/30982
https://exchange.xforce.ibmcloud.com/vulnerabilities/42921
https://www.securityfocus.com/archive/1/493300/100/0/threaded
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ddb2c43594f22843e9f3153da151deaba1a834c5
https://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Memory corruption in Linux kernel