CVE-2007-1000 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1000
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1000

Description: The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-489-1 http://www.ubuntu.com/usn/usn-486-1 SUSE http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html SAID Secunia Advisory: SA24901 Secunia Advisory: SA24518 Secunia Advisory: SA24777 Secunia Advisory: SA25080 Secunia Advisory: SA25099 Secunia Advisory: SA25691 Secunia Advisory: SA24493 Secunia Advisory: SA26133 Secunia Advisory: SA26139 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0169.html OSVDB 33025 MISC http://www.wslabi.com/wabisabilabi/initPublishedBid.do? MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:078 FEDORA http://fedoranews.org/cms/node/2787 http://fedoranews.org/cms/node/2788 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2 http://bugzilla.kernel.org/show_bug.cgi?id=8134 CERT-VN 920689 BUGTRAQ http://www.securityfocus.com/archive/1/471457 BID 22904

Return to the previous page.