[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2007-1592Date: (C)2007-03-22   (M)2018-02-19


net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 4.9
Exploit Score: Exploit Score: 3.9
Impact Score: Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: LOCAL
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: NONE
Scope: Integrity: NONE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
BID-23104
SECUNIA-24618
SECUNIA-24777
SECUNIA-25078
SECUNIA-25099
SECUNIA-25226
SECUNIA-25288
SECUNIA-25392
SECUNIA-25630
SECUNIA-25683
SECUNIA-25714
SECUNIA-25961
SECUNIA-26379
SECUNIA-27528
SECUNIA-29058
ADV-2007-1084
DSA-1286
DSA-1304
DSA-1503
MDKSA-2007:078
MDVSA-2011:051
RHBA-2007-0304
RHSA-2007:0347
RHSA-2007:0436
RHSA-2007:0672
RHSA-2007:0673
SUSE-SA:2007:029
SUSE-SA:2007:030
SUSE-SA:2007:035
SUSE-SA:2007:043
USN-464-1
http://marc.info/?l=linux-netdev&m=117406721731891&w=2
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299
http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4
kernel-tcpv6synrecvsoc-dos(33176)

CPE    238
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.20.11
cpe:/o:linux:linux_kernel:2.6.20.12
cpe:/o:linux:linux_kernel:2.6.20.13
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:8063

© SecPod Technologies