Vulnerability Description
The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.4.34.2 |
References
- http://rhn.redhat.com/errata/RHSA-2007-0488.html
- http://secunia.com/advisories/24976Vendor Advisory
- http://secunia.com/advisories/25596
- http://secunia.com/advisories/25683
- http://secunia.com/advisories/25700
- http://secunia.com/advisories/25838
- http://secunia.com/advisories/26133
- http://secunia.com/advisories/26139
- http://secunia.com/advisories/26289
- http://secunia.com/advisories/26379
- http://secunia.com/advisories/26450
- http://secunia.com/advisories/26478
- http://secunia.com/advisories/27528
- http://secunia.com/advisories/29058
- http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
FAQ
What is CVE-2007-1353?
CVE-2007-1353 is a vulnerability with a CVSS score of 2.1 (LOW). The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspeci...
How severe is CVE-2007-1353?
CVE-2007-1353 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1353?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.