4.7
CVE-2007-2172
- EPSS 0.43%
- Veröffentlicht 22.04.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.4.0 < 2.4.35
Linux ≫ Linux Kernel Version >= 2.6.0 <= 2.6.20
Linux ≫ Linux Kernel Version2.6.21 Updategit1
Linux ≫ Linux Kernel Version2.6.21 Updategit2
Linux ≫ Linux Kernel Version2.6.21 Updategit3
Linux ≫ Linux Kernel Version2.6.21 Updategit4
Linux ≫ Linux Kernel Version2.6.21 Updategit5
Linux ≫ Linux Kernel Version2.6.21 Updategit6
Linux ≫ Linux Kernel Version2.6.21 Updategit7
Linux ≫ Linux Kernel Version2.6.21 Updaterc1
Linux ≫ Linux Kernel Version2.6.21 Updaterc2
Linux ≫ Linux Kernel Version2.6.21 Updaterc3
Linux ≫ Linux Kernel Version2.6.21 Updaterc4
Linux ≫ Linux Kernel Version2.6.21 Updaterc5
Debian ≫ Debian Linux Version3.1
Debian ≫ Debian Linux Version4.0
Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts
Canonical ≫ Ubuntu Linux Version6.10
Canonical ≫ Ubuntu Linux Version7.04
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.343 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 3.4 | 6.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/29058
http://www.debian.org/security/2008/dsa-1503
http://secunia.com/advisories/27913
http://secunia.com/advisories/33280
http://www.redhat.com/support/errata/RHSA-2007-1049.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://rhn.redhat.com/errata/RHSA-2007-0488.html
http://secunia.com/advisories/25838
http://secunia.com/advisories/26289
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
http://www.debian.org/security/2008/dsa-1504
http://secunia.com/advisories/26620
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
http://secunia.com/advisories/25392
http://www.ubuntu.com/usn/usn-464-1
http://secunia.com/advisories/25288
http://www.redhat.com/support/errata/RHSA-2007-0347.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6
http://secunia.com/advisories/25068
http://secunia.com/advisories/26450
http://secunia.com/advisories/26647
http://www.debian.org/security/2007/dsa-1356
http://www.debian.org/security/2007/dsa-1363
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35
http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08269.html
http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08270.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
http://www.securityfocus.com/bid/23447
http://www.vupen.com/english/advisories/2007/2690
https://exchange.xforce.ibmcloud.com/vulnerabilities/33979
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10764