Overview
The Linux Kernel contains a vulnerability that may allow a remote attacker to create a denial-of-service condition.
Description
Internet Protocol version 6 (IPv6) is a IP standard that is designed to replace the Internet Protocol version 4 (IPv4). The Linux kernel provides IPv6 support, and Linux vendors may enable IPv6 by default. The Linux kernel contains a condition that may allow a null pointer to be dereferenced during a memory allocation by the ipv6_getsockopt_sticky() function in net/ipv6/ipv6_sockglue.c. Note that this vulnerability may be present in both the 2.4 and 2.6 versions of the Linux kernel. |
Impact
A remote unauthenticated attacker may be able to cause the kernel to panic (Oops) on a vulnerable system, thereby creating a denial of service.. If the vulnerable software is running on a server, all clients that rely on the server will also be affected. |
Solution
Upgrade |
|
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://bugzilla.kernel.org/show_bug.cgi?id=8134
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2
- https://www.securecoding.cert.org/confluence/display/seccode/Do+not+dereference+invalid+pointers
- http://www.kernel.org/
- http://secunia.com/advisories/24493/
- http://en.wikipedia.org/wiki/Ipv6
- http://en.wikipedia.org/wiki/Ipv4
Acknowledgements
Thanks to Chris Wright for information that was used in this report.
This document was written by Ryan Giobbi.
Other Information
| CVE IDs: | CVE-2007-1000 |
| Severity Metric: | 3.71 |
| Date Public: | 2007-03-12 |
| Date First Published: | 2007-03-13 |
| Date Last Updated: | 2007-03-13 19:20 UTC |
| Document Revision: | 20 |