7.5

CVE-2006-4997

Exploit
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.18
CanonicalUbuntu Linux Version5.10
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
RedhatEnterprise Linux Version2.1
RedhatEnterprise Linux Version3
RedhatEnterprise Linux Version4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.72% 0.907
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.1 8.6 6.9
AV:N/AC:M/Au:N/C:N/I:N/A:C
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
Broken Link
http://secunia.com/advisories/23395
Broken Link
http://www.us.debian.org/security/2006/dsa-1237
Broken Link
http://secunia.com/advisories/25691
Broken Link
http://www.securityfocus.com/archive/1/471457
Third Party Advisory
Broken Link
VDB Entry
http://secunia.com/advisories/22292
Patch
Vendor Advisory
Broken Link
http://secunia.com/advisories/22945
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0689.html
Patch
Broken Link
http://secunia.com/advisories/22497
Broken Link
http://secunia.com/advisories/23064
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0710.html
Broken Link
http://secunia.com/advisories/23788
Broken Link
http://secunia.com/advisories/24288
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0012.html
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0013.html
Broken Link
http://secunia.com/advisories/23474
Broken Link
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Broken Link
http://secunia.com/advisories/23370
Broken Link
http://www.us.debian.org/security/2006/dsa-1233
Broken Link
http://secunia.com/advisories/23384
Broken Link
http://secunia.com/advisories/23752
Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
Broken Link
http://www.ubuntu.com/usn/usn-395-1
Third Party Advisory
http://secunia.com/advisories/22279
Patch
Vendor Advisory
Broken Link
http://www.vupen.com/english/advisories/2006/3937
Broken Link
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265
Exploit
Issue Tracking
http://secunia.com/advisories/22253
Vendor Advisory
Broken Link
http://secunia.com/advisories/22762
Broken Link
http://securitytracker.com/id?1017526
Third Party Advisory
Broken Link
VDB Entry
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe26109a9dfd9327fdbe630fc819e1b7450986b2
Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2006:197
Broken Link
http://www.securityfocus.com/bid/20363
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2006/3999
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/29387
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10388
Broken Link