CVE-2007-1592 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1592
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1592

Description: net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33176 UBUNTU http://www.ubuntu.com/usn/usn-464-1 SUSE http://www.novell.com/linux/security/advisories/2007_43_kernel.html http://www.novell.com/linux/security/advisories/2007_30_kernel.html http://www.novell.com/linux/security/advisories/2007_35_kernel.html http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html SAID Secunia Advisory: SA27528 Secunia Advisory: SA25226 Secunia Advisory: SA26379 Secunia Advisory: SA25961 Secunia Advisory: SA25714 Secunia Advisory: SA25683 Secunia Advisory: SA25630 Secunia Advisory: SA25392 Secunia Advisory: SA25288 Secunia Advisory: SA24618 Secunia Advisory: SA24777 Secunia Advisory: SA25078 Secunia Advisory: SA25099 Secunia Advisory: SA29058 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0673.html http://www.redhat.com/support/errata/RHSA-2007-0672.html http://www.redhat.com/support/errata/RHSA-2007-0347.html http://rhn.redhat.com/errata/RHSA-2007-0436.html MLIST http://marc.info/?l=linux-netdev&m=117406721731891&w=2 MISC http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:078 DEBIAN http://www.debian.org/security/2007/dsa-1304 http://www.debian.org/security/2008/dsa-1503 http://www.debian.org/security/2007/dsa-1286 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4 http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299 BID 23104

Return to the previous page.