• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel Sbus PROM Driver Multiple Integer Overflow Vulnerabilities

The OpenPROM Linux kernel driver contains multiple integer-overflow vulnerabilities.

Two vulnerabilities reside in the OpenPROM driver; both involve overflowing an integer value. These values are used to allocate kernel memory and then to copy data into the kernel. Attackers could exploit this to overwrite large amounts of kernel memory.

Exploits could crash the system or possibly execute code in the context of the kernel.

NOTE: Some versions of the Linux kernel are vulnerable to both overflows; other versions are prone to only one. Kernel version 2.6.6 does not appear to be vulnerable.