VDB
CVE-2007-1592
CVE-2007-1592
PUBLISHED
Reported by mitre · Published March 22, 2007
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Mar 22, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- RHSA-2007:0436 vendor-advisoryx_refsource_REDHAT
- DSA-1286 vendor-advisoryx_refsource_DEBIAN
- RHSA-2007:0347 vendor-advisoryx_refsource_REDHAT
- [linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared. mailing-listx_refsource_MLIST
- USN-464-1 vendor-advisoryx_refsource_UBUNTU
- SUSE-SA:2007:043 vendor-advisoryx_refsource_SUSE
- MDKSA-2007:078 vendor-advisoryx_refsource_MANDRIVA
- RHSA-2007:0673 vendor-advisoryx_refsource_REDHAT
- 24777 third-party-advisoryx_refsource_SECUNIA
- 23104 vdb-entryx_refsource_BID
- 27528 third-party-advisoryx_refsource_SECUNIA
- 26379 third-party-advisoryx_refsource_SECUNIA
- 25226 third-party-advisoryx_refsource_SECUNIA
- SUSE-SA:2007:029 vendor-advisoryx_refsource_SUSE
- 24618 third-party-advisoryx_refsource_SECUNIA
- 25683 third-party-advisoryx_refsource_SECUNIA
- ADV-2007-1084 vdb-entryx_refsource_VUPEN
- MDVSA-2011:051 vendor-advisoryx_refsource_MANDRIVA
- 25288 third-party-advisoryx_refsource_SECUNIA
- x_refsource_MISC
…and 18 more