CVE-2007-2831

MadWifi <0.9.3.1 - DoS/Info Disclosure

Title source: llm
STIX 2.1

Description

Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value.

References (16)

Core 16
Core References
Patch x_refsource_confirm
http://madwifi.org/ticket/1334
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-479-1
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200706-04.xml
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25339
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24114
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26083
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25622
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_14_sr.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25763
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:132
Patch x_refsource_confirm
http://madwifi.org/wiki/Security
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36637
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25861
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34453
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1919
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/470674/100/100/threaded

Scores

EPSS 0.0346
EPSS Percentile 87.7%

Details

CWE
CWE-119
Status published
Products (5)
madwifi/madwifi 0.9.0
madwifi/madwifi 0.9.1
madwifi/madwifi 0.9.2
madwifi/madwifi 0.9.2.1
madwifi/madwifi < 0.9.3
Published May 24, 2007
Tracked Since Feb 18, 2026