| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Arbitrary code execution |
|
| Description |
| + |
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-bounds bug in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. During this process, the kernel thread would call detach_capi_ctr() to detach a register controller. if the controller was not attached yet, detach_capi_ctr() would trigger an array-index-out-bounds bug. |
|
| References |
| + |
https://www.openwall.com/lists/oss-security/2021/10/19/1 |
| + |
https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/T/ |
| + |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.15&id=cc20226e218a2375d50dd9ac14fb4121b43375ff |
| + |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.76&id=7f221ccbee4ec662e2292d490a43ce6c314c4594 |
|