7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.5 Medium
AI Score
Confidence
High
0.01 Low
EPSS
Percentile
83.5%
The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset.
CPE | Name | Operator | Version |
---|---|---|---|
linux:linux_kernel | linux linux kernel | eq | 2.6.19 |
secunia.com/advisories/23254
www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=blobdiff%3Bh=0d97e10ccac580e16d3dffbe4a9a88144360e64a%3Bhp=bfe59865b1dd50e5c4dbd4cefe506a31e1495a1a%3Bhb=ee28b0da1069ced1688aa9d0b7b378353b988321%3Bf=drivers/net/tokenring/ibmtr.c
www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee28b0da1069ced1688aa9d0b7b378353b988321
www.securityfocus.com/bid/21490
www.vupen.com/english/advisories/2006/4907