Lucene search

K
ubuntucveUbuntu.comUB:CVE-2007-1592
HistoryMar 22, 2007 - 12:00 a.m.

CVE-2007-1592

2007-03-2200:00:00
ubuntu.com
ubuntu.com
12

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

30.6%

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently
copies the ipv6_fl_socklist from a listening TCP socket to child sockets,
which allows local users to cause a denial of service (OOPS) or double free
by opening a listening IPv6 socket, attaching a flow label, and connecting
to that socket.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-29.58UNKNOWN
ubuntu6.10noarchlinux-source-2.6.17< 2.6.17.1-12.40UNKNOWN
ubuntu7.04noarchlinux-source-2.6.20< 2.6.20-16.31UNKNOWN

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

30.6%