CVE-2008-2358

CVE-2008-2358 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.