Launchpad.net

CVE 2007-4997

Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error."

Related bugs and status

CVE-2007-4997 (Candidate) is related to these bugs:

Bug #125816: linux-image postinst matches header_postinst_hook for postinst_hook incorrectly

		In	Importance	Status
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	linux-source-2.6.22 (Ubuntu)	Medium	Fix Released
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	linux-source-2.6.20 (Ubuntu)	High	Fix Released
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	kernel-package (Ubuntu)	High	Fix Released
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	kernel-package (Ubuntu Feisty)	Undecided	Won't Fix
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	linux-source-2.6.20 (Ubuntu Feisty)	Undecided	Invalid
125816	linux-image postinst matches header_postinst_hook for postinst_hook incorrectly	linux-source-2.6.22 (Ubuntu Feisty)	Undecided	Invalid

Bug #153096: [sata_sil][sata->ide-bridg] failed to set xfermode

		In	Importance	Status
153096	[sata_sil][sata->ide-bridg] failed to set xfermode	linux-source-2.6.22 (Ubuntu)	High	Fix Released
153096	[sata_sil][sata->ide-bridg] failed to set xfermode	linux (Ubuntu)	High	Fix Released
153096	[sata_sil][sata->ide-bridg] failed to set xfermode	Linux	Medium	Fix Released

Bug #164011: [linux-source] multiple DoS vulnerabilities

Summary				In	Importance	Status
	164011	[linux-source] multiple DoS vulnerabilities		linux-meta (Ubuntu)	Undecided	Fix Released

Bug #164231: NFS regression causes subsequent mounts from same superblock to silently use previous mount options

		In	Importance	Status
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.22 (Ubuntu)	High	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.22 (Ubuntu Hardy)	High	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.22 (Ubuntu Gutsy)	High	Fix Released
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.22 (Ubuntu Feisty)	Undecided	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux (Ubuntu)	High	Fix Released
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux (Ubuntu Feisty)	High	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux (Ubuntu Gutsy)	High	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux (Ubuntu Hardy)	High	Fix Released
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.20 (Ubuntu)	Undecided	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.20 (Ubuntu Feisty)	High	Fix Released
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.20 (Ubuntu Gutsy)	Undecided	Invalid
164231	NFS regression causes subsequent mounts from same superblock to silently use previous mount options	linux-source-2.6.20 (Ubuntu Hardy)	Undecided	Invalid

Bug #185649: 7.10 support of new AMD PowerNow! (family 0x11 and beyond)

Summary				In	Importance	Status
	185649	7.10 support of new AMD PowerNow! (family 0x11 and beyond)		linux-source-2.6.22 (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-4997

Related bugs and status

Related bugs

References