Lucene search

K
nvd[email protected]NVD:CVE-2008-2136
HistoryMay 16, 2008 - 12:54 p.m.

CVE-2008-2136

2008-05-1612:54:00
CWE-399
web.nvd.nist.gov
11

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

7.1

Confidence

High

EPSS

0.899

Percentile

98.8%

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.4.0–2.4.36.5
OR
linuxlinux_kernelRange2.6.0–2.6.25.3
Node
debiandebian_linuxMatch4.0
Node
canonicalubuntu_linuxMatch6.06lts
OR
canonicalubuntu_linuxMatch7.04
OR
canonicalubuntu_linuxMatch7.10
OR
canonicalubuntu_linuxMatch8.04lts
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debiandebian_linux4.0cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
canonicalubuntu_linux6.06cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
canonicalubuntu_linux7.04cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
canonicalubuntu_linux7.10cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
canonicalubuntu_linux8.04cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

References

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

7.1

Confidence

High

EPSS

0.899

Percentile

98.8%