5.4

CVE-2006-2446

Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.9 Update2.6.20
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.26% 0.868
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 4.9 6.9
AV:N/AC:H/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22093
http://www.debian.org/security/2006/dsa-1184
http://secunia.com/advisories/21465
http://secunia.com/advisories/22417
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.redhat.com/support/errata/RHSA-2006-0575.html
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
http://secunia.com/advisories/22082
http://www.debian.org/security/2006/dsa-1183
http://www.securityfocus.com/bid/19475
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117