4.7
CVE-2007-2172
- EPSS 0.07%
- Veröffentlicht 22.04.2007 19:19:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.4.0 < 2.4.35
Linux ≫ Linux Kernel Version >= 2.6.0 <= 2.6.20
Linux ≫ Linux Kernel Version2.6.21 Updategit1
Linux ≫ Linux Kernel Version2.6.21 Updategit2
Linux ≫ Linux Kernel Version2.6.21 Updategit3
Linux ≫ Linux Kernel Version2.6.21 Updategit4
Linux ≫ Linux Kernel Version2.6.21 Updategit5
Linux ≫ Linux Kernel Version2.6.21 Updategit6
Linux ≫ Linux Kernel Version2.6.21 Updategit7
Linux ≫ Linux Kernel Version2.6.21 Updaterc1
Linux ≫ Linux Kernel Version2.6.21 Updaterc2
Linux ≫ Linux Kernel Version2.6.21 Updaterc3
Linux ≫ Linux Kernel Version2.6.21 Updaterc4
Linux ≫ Linux Kernel Version2.6.21 Updaterc5
Debian ≫ Debian Linux Version3.1
Debian ≫ Debian Linux Version4.0
Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts
Canonical ≫ Ubuntu Linux Version6.10
Canonical ≫ Ubuntu Linux Version7.04
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.179 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 3.4 | 6.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.