Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4886

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2005-4886
Last Modified 28 Apr 2010 12:42:45
Published 26 Feb 2010 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4886

Summary

The selinux_parse_skb_ipv6 function in security/selinux/hooks.c in the Linux kernel before 2.6.12-rc4 allows remote attackers to cause a denial of service (OOPS) via vectors associated with an incorrect call to the ipv6_skip_exthdr function.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.1

  • Linux Kernel 2.6.11.10

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.2

  • Linux Kernel 2.6.11.3

  • Linux Kernel 2.6.11.4

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.11.9

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.8.1

  • Linux Kernel 2.6.9


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=160117

XF - kernel-selinuxparseskbipv6-dos(56614)

MLIST - [oss-security] 20100222 CVE-2005-4886 assigned to old remote oops

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.12/ChangeLog-2.6.12-rc4

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0d3d077cd4f1154e63a9858e47fe3fb1ad0c03e5


Last Updated: 27 May 2016 10:41:28