Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5501

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-5501
Last Modified 19 Mar 2012 12:00:00
Published 15 Nov 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5501

Summary

The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.21

  • Linux Kernel 2.6.21.1

  • Linux Kernel 2.6.21.2

  • Linux Kernel 2.6.21.3

  • Linux Kernel 2.6.21.4

  • Linux Kernel 2.6.21.5

  • Linux Kernel 2.6.21.6

  • Linux Kernel 2.6.21.7

  • Linux Kernel 2.6.22

  • Linux Kernel 2.6.22.1

  • Linux Kernel 2.6.22.10

  • Linux Kernel 2.6.22.11

  • Linux Kernel 2.6.22.12

  • Linux Kernel 2.6.22.13

  • Linux Kernel 2.6.22.14

  • Linux Kernel 2.6.22.15

  • Linux Kernel 2.6.22.16

  • Linux Kernel 2.6.22.17

  • Linux Kernel 2.6.22.18

  • Linux Kernel 2.6.22.19

  • Linux Kernel 2.6.22.2

  • Linux Kernel 2.6.22.20

  • Linux Kernel 2.6.22.21

  • Linux Kernel 2.6.22.22

  • Linux Kernel 2.6.22.3

  • Linux Kernel 2.6.22.4

  • Linux Kernel 2.6.22.5

  • Linux Kernel 2.6.22.6

  • Linux Kernel 2.6.22.7

  • Linux Kernel 2.6.22.8

  • Linux Kernel 2.6.22.9

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23.1

  • Linux Kernel 2.6.23.2

  • Linux Kernel 2.6.23.3

  • Linux Kernel 2.6.23.4

  • Linux Kernel 2.6.23.5

  • Linux Kernel 2.6.23.6

  • Linux Kernel 2.6.23.7

  • Linux Kernel 2.6.24


References

BID - 26474

FEDORA - FEDORA-2007-759

FEDORA - FEDORA-2007-3751

FEDORA - FEDORA-2007-3837

CONFIRM - https://issues.rpath.com/browse/RPL-1965

XF - linux-kernel-tcpsacktagwritequeue-dos(38548)

VUPEN - ADV-2007-3902

UBUNTU - USN-574-1

UBUNTU - USN-558-1

SUSE - SUSE-SA:2007:063

MANDRIVA - MDVSA-2008:044

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8

SECUNIA - 29245

SECUNIA - 28706

SECUNIA - 28170

SECUNIA - 27922

SECUNIA - 27919

SECUNIA - 27888

SECUNIA - 27703

SECUNIA - 27664

MLIST - [linux-kernel] 20071116 Linux 2.6.23.8

SUSE - SUSE-SA:2008:013

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38


Last Updated: 27 May 2016 10:57:29