CVE-2007-4567
6.2 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.07 Low
EPSS
Percentile
93.9%
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
References
bugzilla.kernel.org/show_bug.cgi?id=8450
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e76b2b2567b83448c2ee85a896433b96150c92e6
secunia.com/advisories/25505
secunia.com/advisories/28170
secunia.com/advisories/28706
secunia.com/advisories/38015
www.redhat.com/support/errata/RHSA-2010-0019.html
www.redhat.com/support/errata/RHSA-2010-0053.html
www.securityfocus.com/bid/26943
www.ubuntu.com/usn/usn-574-1
bugzilla.redhat.com/show_bug.cgi?id=548641
exchange.xforce.ibmcloud.com/vulnerabilities/39171
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11083
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7474
rhn.redhat.com/errata/RHSA-2010-0095.html
usn.ubuntu.com/558-1/
Social References
More
Related
6.2 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.07 Low
EPSS
Percentile
93.9%