CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
23.7%
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in
Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout
group to overwrite an integer value in kernel memory by writing to
/dev/zap/ctl, related to missing validation of the sync field associated
with the ZT_SPANCONFIG ioctl.