Vulnerability Description
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.0 |
References
- http://marc.info/?l=bugtraq&m=108793792820740
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16480
- http://marc.info/?l=bugtraq&m=108793792820740
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16480
FAQ
What is CVE-2004-0658?
CVE-2004-0658 is a vulnerability with a CVSS score of 7.2 (HIGH). Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and po...
How severe is CVE-2004-0658?
CVE-2004-0658 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0658?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.