7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.048 Low
EPSS
Percentile
92.6%
Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel
2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket,
allows remote attackers to cause a denial of service (kernel panic) via a
SYN packet while the socket is in a listening (TCP_LISTEN) state, which is
not properly handled and causes the skb structure to be freed.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | linux-source-2.6.15 | <Β 2.6.15-55.84 | UNKNOWN |