[email protected]CVE-2006-2446

HistoryAug 15, 2006 - 10:04 p.m.

CVE-2006-2446

2006-08-1522:04:00

[email protected]

web.nvd.nist.gov

cve-2006-2446

nvd

linux kernel

race condition

denial of service

crash

tcp stress tests

ltp test suite

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

7.3 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.6.92.6.20

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.9

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.9

References

secunia.com/advisories/21465

secunia.com/advisories/22082

secunia.com/advisories/22093

secunia.com/advisories/22417

support.avaya.com/elmodocs2/security/ASA-2006-200.htm

www.debian.org/security/2006/dsa-1183

www.debian.org/security/2006/dsa-1184

www.mandriva.com/security/advisories?name=MDKSA-2007:025

www.redhat.com/support/errata/RHSA-2006-0575.html

www.securityfocus.com/bid/19475

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

7.3 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2006-2446

prion1 cvelist1 nvd1 ubuntucve1 osv2 openvas6 debian3 nessus4 centos1 redhat1