CVE-2010-3310 (retired)

Priority
Description
Multiple integer signedness errors in net/rose/af_rose.c in the Linux
kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial
of service (heap memory corruption) or possibly have unspecified other
impact via a rose_getname function call, related to the rose_bind and
rose_connect functions.
Ubuntu-Description
Dan Rosenberg discovered that the ROSE driver did not correctly check
parameters. A local attacker with access to a ROSE network device could
exploit this to crash the system or possibly gain root privileges.
Assigned-to
bradf
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:52:57 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)