7.8

CVE-2007-4567

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.21.7
LinuxLinux Kernel Version2.2.27
LinuxLinux Kernel Version2.4.36
LinuxLinux Kernel Version2.4.36.1
LinuxLinux Kernel Version2.4.36.2
LinuxLinux Kernel Version2.4.36.3
LinuxLinux Kernel Version2.4.36.4
LinuxLinux Kernel Version2.4.36.5
LinuxLinux Kernel Version2.4.36.6
LinuxLinux Kernel Version2.6
LinuxLinux Kernel Version2.6.18
LinuxLinux Kernel Version2.6.18 Updaterc1
LinuxLinux Kernel Version2.6.18 Updaterc2
LinuxLinux Kernel Version2.6.18 Updaterc3
LinuxLinux Kernel Version2.6.18 Updaterc4
LinuxLinux Kernel Version2.6.18 Updaterc5
LinuxLinux Kernel Version2.6.18 Updaterc6
LinuxLinux Kernel Version2.6.18 Updaterc7
LinuxLinux Kernel Version2.6.19.4
LinuxLinux Kernel Version2.6.19.5
LinuxLinux Kernel Version2.6.19.6
LinuxLinux Kernel Version2.6.19.7
LinuxLinux Kernel Version2.6.20.16
LinuxLinux Kernel Version2.6.20.17
LinuxLinux Kernel Version2.6.20.18
LinuxLinux Kernel Version2.6.20.19
LinuxLinux Kernel Version2.6.20.20
LinuxLinux Kernel Version2.6.20.21
LinuxLinux Kernel Version2.6.21.5
LinuxLinux Kernel Version2.6.21.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.34% 0.962
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/28170
Vendor Advisory
http://secunia.com/advisories/28706
Vendor Advisory
http://www.ubuntu.com/usn/usn-574-1
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://secunia.com/advisories/25505
Vendor Advisory
http://bugzilla.kernel.org/show_bug.cgi?id=8450
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e76b2b2567b83448c2ee85a896433b96150c92e6
http://secunia.com/advisories/38015
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0019.html
http://www.redhat.com/support/errata/RHSA-2010-0053.html
http://www.securityfocus.com/bid/26943
https://bugzilla.redhat.com/show_bug.cgi?id=548641
https://exchange.xforce.ibmcloud.com/vulnerabilities/39171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7474
https://usn.ubuntu.com/558-1/