diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2007-06-18 20:50:10 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-06-18 20:50:10 +0000 |
commit | 66e9280ca5cf2d0564f2e920edeb67de79eb167b (patch) | |
tree | 4c4658a4754b2d53cf4fea102a813f3de7509b5e /retired/CVE-2007-1496 | |
parent | e47152e7970e6e33166d5f1cc075f992ee6e7f48 (diff) |
retire CVE-2007-1496
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@858 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2007-1496')
-rw-r--r-- | retired/CVE-2007-1496 | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/retired/CVE-2007-1496 b/retired/CVE-2007-1496 new file mode 100644 index 00000000..147102c1 --- /dev/null +++ b/retired/CVE-2007-1496 @@ -0,0 +1,24 @@ +Candidate: CVE-2007-1496 +References: + http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dd16704eba171b32ef0cded3a4f562b33b911066 +Description: + nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows + attackers to cause a denial of service (crash) via unspecified + vectors involving the (1) nfulnl_recv_config function, (2) using + "multiple packets per netlink message", and (3) bridged packets, + which trigger a NULL pointer dereference. +Ubuntu-Description: + A Denial of Service vulnerability was discovered in the + nfnetlink_log() netfilter function. A remote attacker could exploit + this to trigger a kernel crash. +Notes: + dannf> file doesn't exist in 2.4.27/2.6.8 +Bugs: +upstream: released (2.6.20.3, 2.6.21) +linux-2.6: released (2.6.20-1) +2.6.18-etch-security: released (2.6.18.dfsg.1-12etch2) [bugfix/nfnetlink_log-null-deref.patch] +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A +2.6.15-dapper-security: released (2.6.15-28.53) +2.6.17-edgy-security: released (2.6.17.1-11.38) +2.6.20-feisty-security: N/A |