Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-489-1
HistoryJul 19, 2007 - 12:00 a.m.

Linux kernel vulnerabilities

2007-07-1900:00:00
ubuntu.com
89

7.9 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.093 Low

EPSS

Percentile

94.6%

JSON

Releases

  • Ubuntu 6.06

Details

A flaw was discovered in dvb ULE decapsulation. A remote attacker could
send a specially crafted message and cause a denial of service.
(CVE-2006-4623)

The compat_sys_mount function allowed local users to cause a denial of
service when mounting a smbfs filesystem in compatibility mode.
(CVE-2006-7203)

The Omnikey CardMan 4040 driver (cm4040_cs) did not limit the size of
buffers passed to read() and write(). A local attacker could exploit
this to execute arbitrary code with kernel privileges. (CVE-2007-0005)

Due to an variable handling flaw in the ipv6_getsockopt_sticky()
function a local attacker could exploit the getsockopt() calls to read
arbitrary kernel memory. This could disclose sensitive data.
(CVE-2007-1000)

Ilja van Sprundel discovered that Bluetooth setsockopt calls could
leak kernel memory contents via an uninitialized stack buffer. A local
attacker could exploit this flaw to view sensitive kernel information.
(CVE-2007-1353)

A flaw was discovered in the handling of netlink messages. Local
attackers could cause infinite recursion leading to a denial of service.
(CVE-2007-1861)

The random number generator was hashing a subset of the available entropy,
leading to slightly less random numbers. Additionally, systems without
an entropy source would be seeded with the same inputs at boot time,
leading to a repeatable series of random numbers. (CVE-2007-2453)

A flaw was discovered in the PPP over Ethernet implementation. Local
attackers could manipulate ioctls and cause kernel memory consumption
leading to a denial of service. (CVE-2007-2525)

An integer underflow was discovered in the cpuset filesystem. If mounted,
local attackers could obtain kernel memory using large file offsets
while reading the tasks file. This could disclose sensitive data.
(CVE-2007-2875)

Vilmos Nebehaj discovered that the SCTP netfilter code did not correctly
validate certain states. A remote attacker could send a specially
crafted packet causing a denial of service. (CVE-2007-2876)

Luca Tettamanti discovered a flaw in the VFAT compat ioctls on 64-bit
systems. A local attacker could corrupt a kernel_dirent struct and
cause a denial of service. (CVE-2007-2878)

A flaw was discovered in the cluster manager. A remote attacker could
connect to the DLM port and block further DLM operations.
(CVE-2007-3380)

A flaw was discovered in the usblcd driver. A local attacker could
cause large amounts of kernel memory consumption, leading to a denial
of service. (CVE-2007-3513)

Related

nessus 43
openvas 41
securityvulns 10
ubuntu 4
centos 5
redhat 6
oraclelinux 5
osv 2
fedora 7
debian 2
suse 3
ubuntucve 13
veracode 12
cve 14
f5 6
prion 12
checkpoint_advisories 1
exploitpack 3
seebug 4
packetstorm 2
cert 1
exploitdb 3
nessus
nessus
Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerability (USN-489-1)
2007-11-10 00:00:00
Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)
2007-11-10 00:00:00
RHEL 5 : kernel (RHSA-2007:0376)
2007-06-18 00:00:00
openvas
openvas
Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-489-1)
2009-03-23 00:00:00
Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1
2009-03-23 00:00:00
securityvulns
securityvulns
[USN-489-1] Linux kernel vulnerabilities
2007-07-19 00:00:00
Linux kernel multiple security vulnerabilities
2007-07-19 00:00:00
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-08-17 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2007-07-18 00:00:00
Linux kernel vulnerabilities
2007-08-31 00:00:00
Linux kernel vulnerabilities
2007-06-08 00:00:00
centos
centos
kernel security update
2007-06-15 23:44:48
kernel security update
2007-06-26 23:50:36
kernel security update
2007-09-14 00:58:44
redhat
redhat
(RHSA-2007:0376) Important: kernel security and bug fix update
2007-06-14 00:00:00
(RHSA-2007:0488) Important: kernel security update
2007-06-25 00:00:00
(RHSA-2007:0705) Important: kernel security update
2007-09-13 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2007-06-26 00:00:00
Important: kernel security update
2007-06-26 00:00:00
Important: kernel security update
2007-09-14 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2007-08-15 00:00:00
linux-2.6
2007-05-13 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2962.fc6
2007-06-25 17:41:33
[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2925.fc6
2007-03-14 20:19:42
[SECURITY] Fedora Core 5 Update: kernel-2.6.20-1.2320.fc5
2007-06-21 19:26:39
debian
debian
[SECURITY] [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-08-16 01:00:53
[SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-05-13 11:33:16
suse
suse
remote denial of service in kernel
2007-07-09 14:31:09
remote denial of service in kernel
2007-09-06 17:18:55
local privilege escalation in kernel
2007-10-12 16:04:36
ubuntucve
ubuntucve
CVE-2006-7203
2007-05-14 00:00:00
CVE-2007-2878
2007-05-29 00:00:00
CVE-2007-2875
2007-06-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:18:10
Denial Of Service (DoS)
2020-04-10 00:20:02
Denial Of Service (DoS)
2020-04-10 00:20:01
cve
cve
CVE-2006-7203
2007-05-14 17:19:00
CVE-2007-2878
2007-05-29 20:30:00
CVE-2007-3513
2007-07-03 10:30:00
f5
f5
K8923 : Linux kernel vulnerability CVE-2007-2875
2013-03-18 00:00:00
K8919 : Linux kernel vulnerability CVE-2007-2878
2013-03-18 00:00:00
SOL8919 - Linux kernel vulnerability CVE-2007-2878
2008-06-30 00:00:00
prion
prion
Memory corruption
2007-07-03 10:30:00
Code injection
2007-05-29 20:30:00
Integer overflow
2007-06-11 22:30:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel NetFilter SCTP Unknown Chunk Types Denial of Service (CVE-2007-2876)
2010-03-17 00:00:00
exploitpack
exploitpack
Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)
2007-03-09 00:00:00
Man Command - -H Flag Local Buffer Overflow
2007-04-06 00:00:00
Linux Kernel 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak
2007-07-10 00:00:00
seebug
seebug
Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC
2007-03-09 00:00:00
Man Command -H Flag Local Buffer Overflow Vulnerability
2014-07-01 00:00:00
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
2014-07-01 00:00:00
packetstorm
packetstorm
csa-driver.txt
2007-03-13 00:00:00
linux-26202.txt
2007-07-11 00:00:00
cert
cert
Linux Kernel vulnerable to DoS via the ipv6_getsockopt_sticky() function
2007-03-13 00:00:00
exploitdb
exploitdb
Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)
2007-03-09 00:00:00
Man Command - -H Flag Local Buffer Overflow
2007-04-06 00:00:00
Linux Kernel &lt; 2.6.20.2 - &#039;IPv6_Getsockopt_Sticky&#039; Memory Leak
2007-07-10 00:00:00

7.9 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.093 Low

EPSS

Percentile

94.6%

JSON
Related for USN-489-1
nessus43openvas41securityvulns10ubuntu4centos5redhat6oraclelinux5osv2fedora7debian2suse3ubuntucve13veracode12cve14f56prion12checkpoint_advisories1exploitpack3seebug4packetstorm2cert1exploitdb3