[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-1592

Date: (C)2007-03-22   (M)2017-10-12
 
CVSS Score: 4.9Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

Reference:
BID-23104
SECUNIA-24618
SECUNIA-24777
SECUNIA-25078
SECUNIA-25099
SECUNIA-25226
SECUNIA-25288
SECUNIA-25392
SECUNIA-25630
SECUNIA-25683
SECUNIA-25714
SECUNIA-25961
SECUNIA-26379
SECUNIA-27528
SECUNIA-29058
ADV-2007-1084
DSA-1286
DSA-1304
DSA-1503
MDKSA-2007:078
MDVSA-2011:051
RHBA-2007-0304
RHSA-2007:0347
RHSA-2007:0436
RHSA-2007:0672
RHSA-2007:0673
SUSE-SA:2007:029
SUSE-SA:2007:030
SUSE-SA:2007:035
SUSE-SA:2007:043
USN-464-1
http://marc.info/?l=linux-netdev&m=117406721731891&w=2
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299
http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4
kernel-tcpv6synrecvsoc-dos(33176)

CPE    238
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.20.15
cpe:/o:linux:linux_kernel:2.6.20.16
cpe:/o:linux:linux_kernel:2.6.20.17
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:8063

© 2013 SecPod Technologies