Unrated severityNVD Advisory· Published Mar 23, 2006· Updated Apr 16, 2026
CVE-2006-1368
CVE-2006-1368
Description
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- secunia.com/advisories/19330nvdVendor Advisory
- secunia.com/advisories/19955nvdVendor Advisory
- secunia.com/advisories/20914nvdVendor Advisory
- secunia.com/advisories/21045nvdVendor Advisory
- secunia.com/advisories/20671nvd
- www.debian.org/security/2006/dsa-1097nvd
- www.debian.org/security/2006/dsa-1103nvd
- www.kernel.org/git/nvd
- www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/17831nvd
- www.vupen.com/english/advisories/2006/1046nvd
- www.vupen.com/english/advisories/2006/2554nvd
- usn.ubuntu.com/281-1/nvd
News mentions
0No linked articles in our index yet.