5 matches found
kernel: sit memory leak
Memory leak in the ipip6rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service memory consumption via network traffic to a Simple Internet Transition SIT tunnel interface, related to the pskbmaypull and...
kernel: sit memory leak
Memory leak in the ipip6rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service memory consumption via network traffic to a Simple Internet Transition SIT tunnel interface, related to the pskbmaypull and...
Linux Kernel ipip6_rcv()函数远程拒绝服务漏洞
BUGTRAQ ID: 29235 CVECAN ID: CVE-2008-2136 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/ipv6/sit.c文件中的ipip6rcv函数中存在内存泄露漏洞,如果远程攻击者向简单Internet传输(SIT)隧道接口发送了与pskbmaypull、kfreeskb函数和skb引用计数管理相关的恶意网络通讯的话,就可能触发这个漏洞,导致耗尽内存。 Linux kernel 2.6.25.3 Debian ------ Debian已经为此发布了一个安全公告(DSA-1588-2)以及相应补丁:...
CVE-2008-2136
Memory leak in the ipip6rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service memory consumption via network traffic to a Simple Internet Transition SIT tunnel interface, related to the pskbmaypull and...
CVE-2008-2136
The CVE-2008-2136 entry affects the Linux kernel SIT driver: a memory leak in ipip6_rcv (net/ipv6/sit.c) can be triggered by network traffic to a SIT tunnel, due to improper skb handling (pskb_may_pull and kfree_skb) and skb reference count management. Vulnerable on Linux kernel 2.4 up to 2.4.36....