7.8

CVE-2007-5501

The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.21
LinuxLinux Kernel Version2.6.21 Updaterc1
LinuxLinux Kernel Version2.6.21 Updaterc2
LinuxLinux Kernel Version2.6.21 Updaterc3
LinuxLinux Kernel Version2.6.21 Updaterc4
LinuxLinux Kernel Version2.6.21 Updaterc5
LinuxLinux Kernel Version2.6.21 Updaterc6
LinuxLinux Kernel Version2.6.21 Updaterc7
LinuxLinux Kernel Version2.6.21.1
LinuxLinux Kernel Version2.6.21.2
LinuxLinux Kernel Version2.6.21.3
LinuxLinux Kernel Version2.6.21.4
LinuxLinux Kernel Version2.6.21.5
LinuxLinux Kernel Version2.6.21.6
LinuxLinux Kernel Version2.6.21.7
LinuxLinux Kernel Version2.6.22
LinuxLinux Kernel Version2.6.22 Updaterc1
LinuxLinux Kernel Version2.6.22 Updaterc2
LinuxLinux Kernel Version2.6.22 Updaterc3
LinuxLinux Kernel Version2.6.22 Updaterc4
LinuxLinux Kernel Version2.6.22 Updaterc5
LinuxLinux Kernel Version2.6.22 Updaterc6
LinuxLinux Kernel Version2.6.22 Updaterc7
LinuxLinux Kernel Version2.6.22.1
LinuxLinux Kernel Version2.6.22.2
LinuxLinux Kernel Version2.6.22.3
LinuxLinux Kernel Version2.6.22.4
LinuxLinux Kernel Version2.6.22.5
LinuxLinux Kernel Version2.6.22.6
LinuxLinux Kernel Version2.6.22.7
LinuxLinux Kernel Version2.6.22.8
LinuxLinux Kernel Version2.6.22.9
LinuxLinux Kernel Version2.6.22.10
LinuxLinux Kernel Version2.6.22.11
LinuxLinux Kernel Version2.6.22.12
LinuxLinux Kernel Version2.6.22.13
LinuxLinux Kernel Version2.6.22.14
LinuxLinux Kernel Version2.6.22.15
LinuxLinux Kernel Version2.6.22.16
LinuxLinux Kernel Version2.6.22.17
LinuxLinux Kernel Version2.6.22.18
LinuxLinux Kernel Version2.6.22.19
LinuxLinux Kernel Version2.6.22.20
LinuxLinux Kernel Version2.6.22.21
LinuxLinux Kernel Version2.6.22.22
LinuxLinux Kernel Version2.6.23
LinuxLinux Kernel Version2.6.23 Updaterc1
LinuxLinux Kernel Version2.6.23 Updaterc2
LinuxLinux Kernel Version2.6.23 Updaterc3
LinuxLinux Kernel Version2.6.23 Updaterc4
LinuxLinux Kernel Version2.6.23 Updaterc5
LinuxLinux Kernel Version2.6.23 Updaterc6
LinuxLinux Kernel Version2.6.23 Updaterc7
LinuxLinux Kernel Version2.6.23 Updaterc8
LinuxLinux Kernel Version2.6.23 Updaterc9
LinuxLinux Kernel Version2.6.23.1
LinuxLinux Kernel Version2.6.23.2
LinuxLinux Kernel Version2.6.23.3
LinuxLinux Kernel Version2.6.23.4
LinuxLinux Kernel Version2.6.23.5
LinuxLinux Kernel Version2.6.23.6
LinuxLinux Kernel Version2.6.23.7
LinuxLinux Kernel Version2.6.24 Updaterc1
LinuxLinux Kernel Version2.6.24 Updaterc2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.82% 0.887
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/27703
Vendor Advisory
http://secunia.com/advisories/28170
Vendor Advisory
http://secunia.com/advisories/28706
Vendor Advisory
http://www.ubuntu.com/usn/usn-558-1
http://www.ubuntu.com/usn/usn-574-1
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
http://secunia.com/advisories/27888
Vendor Advisory
http://secunia.com/advisories/29245
Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_63_kernel.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38
http://lwn.net/Articles/258947/
http://secunia.com/advisories/27664
Vendor Advisory
http://secunia.com/advisories/27919
Vendor Advisory
http://secunia.com/advisories/27922
Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8
Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc3
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
Vendor Advisory
http://www.securityfocus.com/bid/26474
Patch
http://www.vupen.com/english/advisories/2007/3902
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/38548
https://issues.rpath.com/browse/RPL-1965
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html