4.7

CVE-2007-2172

A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.4.0 < 2.4.35
LinuxLinux Kernel Version >= 2.6.0 <= 2.6.20
LinuxLinux Kernel Version2.6.21 Updategit1
LinuxLinux Kernel Version2.6.21 Updategit2
LinuxLinux Kernel Version2.6.21 Updategit3
LinuxLinux Kernel Version2.6.21 Updategit4
LinuxLinux Kernel Version2.6.21 Updategit5
LinuxLinux Kernel Version2.6.21 Updategit6
LinuxLinux Kernel Version2.6.21 Updategit7
LinuxLinux Kernel Version2.6.21 Updaterc1
LinuxLinux Kernel Version2.6.21 Updaterc2
LinuxLinux Kernel Version2.6.21 Updaterc3
LinuxLinux Kernel Version2.6.21 Updaterc4
LinuxLinux Kernel Version2.6.21 Updaterc5
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.343
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/29058
Third Party Advisory
http://www.debian.org/security/2008/dsa-1503
Third Party Advisory
http://secunia.com/advisories/27913
Third Party Advisory
http://secunia.com/advisories/33280
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-1049.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0787.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2007-0488.html
Third Party Advisory
http://secunia.com/advisories/25838
Third Party Advisory
http://secunia.com/advisories/26289
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
Third Party Advisory
http://www.debian.org/security/2008/dsa-1504
Third Party Advisory
http://secunia.com/advisories/26620
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Third Party Advisory
http://secunia.com/advisories/25392
Third Party Advisory
http://www.ubuntu.com/usn/usn-464-1
Third Party Advisory
http://secunia.com/advisories/25288
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0347.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
Third Party Advisory
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6
Vendor Advisory
http://secunia.com/advisories/25068
Third Party Advisory
http://secunia.com/advisories/26450
Third Party Advisory
http://secunia.com/advisories/26647
Third Party Advisory
http://www.debian.org/security/2007/dsa-1356
Third Party Advisory
http://www.debian.org/security/2007/dsa-1363
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35
Vendor Advisory
http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08269.html
http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08270.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
Third Party Advisory
http://www.securityfocus.com/bid/23447
Patch
Third Party Advisory
Vendor Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/2690
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33979
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10764
Third Party Advisory