[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2007-4567Date: (C)2007-12-20   (M)2018-06-11


The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 7.8
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: NONE
Scope: Integrity: NONE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
SECUNIA-25505
BID-26943
SECUNIA-28170
SECUNIA-28706
SECUNIA-38015
RHSA-2010:0019
RHSA-2010:0053
RHSA-2010:0095
USN-558-1
USN-574-1
http://bugzilla.kernel.org/show_bug.cgi?id=8450
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e76b2b2567b83448c2ee85a896433b96150c92e6
https://bugzilla.redhat.com/show_bug.cgi?id=548641
linux-kernel-ipv6-dos(39171)

CPE    21
cpe:/o:linux:linux_kernel:2.6.18
cpe:/o:linux:linux_kernel:2.6.20.19
cpe:/o:linux:linux_kernel:2.6.21.5
cpe:/o:linux:linux_kernel:2.6.21.6
...
CWE    1
CWE-20
OVAL    3
oval:org.secpod.oval:def:201850
oval:org.secpod.oval:def:201898
oval:org.secpod.oval:def:500366

© SecPod Technologies