7.5
CVE-2006-4997
- EPSS 4.72%
- Veröffentlicht 10.10.2006 04:06:00
- Zuletzt bearbeitet 16.06.2026 22:30:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 2.6.18
Canonical ≫ Ubuntu Linux Version5.10
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version6.10
Redhat ≫ Enterprise Linux Version2.1
Redhat ≫ Enterprise Linux Version3
Redhat ≫ Enterprise Linux Version4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.72% | 0.907 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
http://secunia.com/advisories/23395
http://www.us.debian.org/security/2006/dsa-1237
http://secunia.com/advisories/25691
http://www.securityfocus.com/archive/1/471457
http://secunia.com/advisories/22292
http://secunia.com/advisories/22945
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://secunia.com/advisories/22497
http://secunia.com/advisories/23064
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
http://www.redhat.com/support/errata/RHSA-2006-0710.html
http://secunia.com/advisories/23788
http://secunia.com/advisories/24288
http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm
http://www.redhat.com/support/errata/RHSA-2007-0012.html
http://www.redhat.com/support/errata/RHSA-2007-0013.html
http://secunia.com/advisories/23474
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
http://secunia.com/advisories/23370
http://www.us.debian.org/security/2006/dsa-1233
http://secunia.com/advisories/23384
http://secunia.com/advisories/23752
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://www.ubuntu.com/usn/usn-395-1
http://secunia.com/advisories/22279
http://www.vupen.com/english/advisories/2006/3937
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265
http://secunia.com/advisories/22253
http://secunia.com/advisories/22762
http://securitytracker.com/id?1017526
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe26109a9dfd9327fdbe630fc819e1b7450986b2
http://www.mandriva.com/security/advisories?name=MDKSA-2006:197
http://www.securityfocus.com/bid/20363
http://www.vupen.com/english/advisories/2006/3999
https://exchange.xforce.ibmcloud.com/vulnerabilities/29387
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10388