Lucene search

[email protected]CVE-2006-6333

HistoryDec 06, 2006 - 10:28 p.m.

CVE-2006-6333

2006-12-0622:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6333

linux kernel

ibmtr.c

denial of service

memory corruption

crafted packets

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.6.19

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.19

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.19

References

secunia.com/advisories/23254

www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0d97e10ccac580e16d3dffbe4a9a88144360e64a%3Bhp=bfe59865b1dd50e5c4dbd4cefe506a31e1495a1a%3Bhb=ee28b0da1069ced1688aa9d0b7b378353b988321%3Bf=drivers/net/tokenring/ibmtr.c

www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee28b0da1069ced1688aa9d0b7b378353b988321

www.securityfocus.com/bid/21490

www.vupen.com/english/advisories/2006/4907

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

Related for CVE-2006-6333

cvelist1 ubuntucve1 nvd1