CVE-2008-2136 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-2136
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-2136

Description: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42451 UBUNTU http://www.ubuntu.com/usn/usn-625-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html ST 1020118 SAID Secunia Advisory: SA30368 Secunia Advisory: SA30276 Secunia Advisory: SA30241 Secunia Advisory: SA30198 Secunia Advisory: SA30818 Secunia Advisory: SA30962 Secunia Advisory: SA31107 Secunia Advisory: SA31198 Secunia Advisory: SA31341 Secunia Advisory: SA31628 Secunia Advisory: SA31689 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0607.html http://www.redhat.com/support/errata/RHSA-2008-0612.html http://www.redhat.com/support/errata/RHSA-2008-0585.html MLIST http://marc.info/?l=linux-netdev&m=121031533024912&w=2 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 http://www.mandriva.com/security/advisories?name=MDVSA-2008:174 FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1588 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-362.htm http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3 BID 29235

Return to the previous page.