Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-1388

The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugzilla.kernel...
CONFIRM: http://www.kernel.org/...
BID: 23142
SECUNIA: 24777
CONFIRM: https://issues.rpath.c...
SECUNIA: 24901
REDHAT: RHSA-2007:0169
SECUNIA: 25080
SUSE: SUSE-SA:2007:029
SECUNIA: 25099
UBUNTU: USN-464-1
SECUNIA: 25392
MANDRIVA: MDKSA-2007:078
VUPEN: ADV-2007-1122
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2007-1388

Related bugs

References