Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-2136
HistoryMay 16, 2008 - 12:00 a.m.

CVE-2008-2136

2008-05-1600:00:00
ubuntu.com
ubuntu.com
38

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.899

Percentile

98.8%

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel
2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to
cause a denial of service (memory consumption) via network traffic to a
Simple Internet Transition (SIT) tunnel interface, related to the
pskb_may_pull and kfree_skb functions, and management of an skb reference
count.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux<Β 2.6.24-19.36UNKNOWN
ubuntu6.06noarchlinux-source-2.6.15<Β 2.6.15-52.69UNKNOWN
ubuntu7.04noarchlinux-source-2.6.20<Β 2.6.20-17.37UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22<Β 2.6.22-15.56UNKNOWN

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.899

Percentile

98.8%