|
|
CVE Reference: CVE-2007-1388 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1388 |
|
|
Description: The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/usn-464-1 SUSE http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html SAID Secunia Advisory: SA24777 Secunia Advisory: SA24901 Secunia Advisory: SA25080 Secunia Advisory: SA25099 Secunia Advisory: SA25392 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0169.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11509 MISC http://bugzilla.kernel.org/show_bug.cgi?id=8155 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:078 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4 BID 23142 |
|
| Return to the previous page. |
