CVE-2007-2172 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2172
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2172

Description: A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-464-1 SAID Secunia Advisory: SA25068 Secunia Advisory: SA26450 Secunia Advisory: SA26289 Secunia Advisory: SA25838 Secunia Advisory: SA25392 Secunia Advisory: SA25288 Secunia Advisory: SA26647 Secunia Advisory: SA26620 Secunia Advisory: SA27913 Secunia Advisory: SA29058 REDHAT http://www.redhat.com/support/errata/RHSA-2007-1049.html http://rhn.redhat.com/errata/RHSA-2007-0488.html http://www.redhat.com/support/errata/RHSA-2007-0347.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 DEBIAN http://www.debian.org/security/2008/dsa-1504 http://www.debian.org/security/2008/dsa-1503 http://www.debian.org/security/2007/dsa-1363 http://www.debian.org/security/2007/dsa-1356 CONFIRM http://www.mail-archive.com/git-commits-head@vger.kernel.org/msg08269.html http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://www.mail-archive.com/git-commits-head@vger.kernel.org/msg08270.html http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6 BID 23447

Return to the previous page.