CVE-2008-5134

Linux Kernel < 2.6.27.5 - Buffer Overflow in libertas lbs_process_bss

Title source: llm
STIX 2.1

Description

Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."

References (13)

Core 13
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32998
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33641
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2009-0053.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32484
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33706
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/714-1/
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=470761
Various Sources mailing-list x_refsource_mlist
http://article.gmane.org/gmane.linux.kernel.wireless.general/23049
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2008/11/11/2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33854
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1681

Scores

EPSS 0.0526
EPSS Percentile 91.6%

Details

CWE
CWE-119
Status published
Products (50)
linux/linux_kernel 2.6.0
linux/linux_kernel 2.6.1
linux/linux_kernel 2.6.2
linux/linux_kernel 2.6.3
linux/linux_kernel 2.6.4
linux/linux_kernel 2.6.5
linux/linux_kernel 2.6.6
linux/linux_kernel 2.6.7
linux/linux_kernel 2.6.8
linux/linux_kernel 2.6.8.1
... and 40 more
Published Nov 18, 2008
Tracked Since Feb 18, 2026