blob: 2a7a48cfb5888fb75fcf9055de7b8b6e9eda87ab (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Candidate: CVE-2006-5619
References:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bcd620757d3a4ae78ef0ca41adb5d9e400ed92b6
Description:
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in
Linux kernel 2.6.16, 2.6.17, and 2.6.18-stable allows local users to
cause a denial of service (hang or oops) via unspecified manipulations
that trigger an infinite loop while searching for flowlabels.
Ubuntu-Description:
James Morris discovered that the ip6fl_get_n() function incorrectly
handled flow labels. A local attacker could exploit this to crash the
kernel.
Notes:
dannf> This code does not appear to be present in 2.4
Bugs:
upstream: released (2.6.18.2)
linux-2.6: released (2.6.18-4)
2.6.8-sarge-security: released (2.6.8-16sarge6) [ip6_flowlabel-lockup.dpatch]
2.4.27-sarge-security: N/A
2.6.12-breezy-security: released (2.6.12-10.41)
2.6.15-dapper-security: released (2.6.15-27.49)
2.6.17-edgy-security: released (2.6.17.1-10.34)
2.6.19-feisty: released
|