7.8

CVE-2008-2136

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.4.0 < 2.4.36.5
LinuxLinux Kernel Version >= 2.6.0 < 2.6.25.3
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version7.04
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.93% 0.91
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/33280
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0787.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
Third Party Advisory
http://secunia.com/advisories/30818
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
Third Party Advisory
http://secunia.com/advisories/30962
Third Party Advisory
http://secunia.com/advisories/33201
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0973.html
Third Party Advisory
http://secunia.com/advisories/31628
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0585.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
Third Party Advisory
http://secunia.com/advisories/30368
Third Party Advisory
http://secunia.com/advisories/31107
Third Party Advisory
http://www.debian.org/security/2008/dsa-1588
Third Party Advisory
http://www.ubuntu.com/usn/usn-625-1
Third Party Advisory
http://secunia.com/advisories/31341
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0612.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167
Third Party Advisory
http://secunia.com/advisories/30276
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00294.html
Third Party Advisory
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
Vendor Advisory
http://secunia.com/advisories/30198
Third Party Advisory
http://secunia.com/advisories/30241
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169
Broken Link
http://www.vupen.com/english/advisories/2008/1543/references
Third Party Advisory
http://marc.info/?l=linux-netdev&m=121031533024912&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/30499
Third Party Advisory
http://secunia.com/advisories/31198
Third Party Advisory
http://secunia.com/advisories/31689
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-362.htm
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5
Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0607.html
Third Party Advisory
http://www.securityfocus.com/bid/29235
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020118
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/1716/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42451
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11038
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6503
Broken Link