VYPR
Unrated severityNVD Advisory· Published Dec 9, 2008· Updated Jun 16, 2026

CVE-2008-5396

CVE-2008-5396

Description

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Asterisk/Zaptel4 versions
    cpe:2.3:a:asterisk:zaptel:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:asterisk:zaptel:*:*:*:*:*:*:*:*range: <=1.4.11
    • cpe:2.3:a:asterisk:zaptel:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:asterisk:zaptel:1.2.27:*:*:*:*:*:*:*
    • cpe:2.3:a:asterisk:zaptel:1.4:*:*:*:*:*:*:*
  • DAHDI/DAHDIllm-create
    Range: <=1.4.11
  • Zaptel/Zaptelllm-fuzzy
    Range: <=1.4.11

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.