Buffer Overflow and Denial of Service Vulnerability in Linux Kernel
CVE-2008-1673

Currently unrated

Key Information:

Vendor

Linux
Status
Linux Kernel
Debian Linux
Vendor
CVE Published:
10 June 2008

What is CVE-2008-1673?

The Linux kernel versions prior to 2.4.36.6 (2.4 series) and 2.6.25.5 (2.6 series) include a flaw in ASN.1 implementation. This flaw does not adequately validate length values during the decoding of ASN.1 BER data. Attackers can exploit this vulnerability by providing malformed data, which can result in a denial of service through crashes or potentially executing arbitrary code. The vulnerability stems from errors such as receiving a length greater than the buffer size, an object identifier length of zero leading to off-by-one errors, or handling of indefinite lengths in primitive encodings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2008...
vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/30000
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30658
third-party-advisoryx_refsource_SECUNIA

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.