CVE
CVE-2007-5501
Date: (C)2007-11-15   (M)2023-12-22


The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-26474
SECUNIA-27664
SECUNIA-27703
SECUNIA-27888
SECUNIA-27919
SECUNIA-27922
SECUNIA-28170
SECUNIA-28706
SECUNIA-29245
ADV-2007-3902
FEDORA-2007-3751
FEDORA-2007-3837
FEDORA-2007-759
MDVSA-2008:044
SUSE-SA:2007:063
SUSE-SA:2008:013
USN-558-1
USN-574-1
http://lwn.net/Articles/258947/
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc3
https://issues.rpath.com/browse/RPL-1965
linux-kernel-tcpsacktagwritequeue-dos(38548)

CWE    1
CWE-399
OVAL    1
oval:org.secpod.oval:def:301433

© SecPod Technologies