Description
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Canonical / Ubuntu Linux6.10 – 6.10
- Canonical / Ubuntu Linux5.10 – 5.10
- Canonical / Ubuntu Linux6.06 – 6.06
- Linux / Linux kernel2.6.18
- RedHat / enterprise_linux2.1 – 2.1
- RedHat / enterprise_linux3 – 3
- RedHat / enterprise_linux4 – 4
References
- MISChttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265
- MISChttp://www.securityfocus.com/bid/20363
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:025
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_79_kernel.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/22253
- MISChttp://www.redhat.com/support/errata/RHSA-2007-0012.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/22279
- VENDOR_ADVISORYhttp://secunia.com/advisories/23788
- VENDOR_ADVISORYhttp://secunia.com/advisories/22292
- MISChttp://www.redhat.com/support/errata/RHSA-2007-0013.html
- MISChttp://www.redhat.com/support/errata/RHSA-2006-0689.html
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:012
- MISChttp://securitytracker.com/id?1017526
- VENDOR_ADVISORYhttp://secunia.com/advisories/23384
- MISChttp://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fe26109a9dfd9327fdbe630fc819e1b7450986b2
- VENDOR_ADVISORYhttp://secunia.com/advisories/23752
- VENDOR_ADVISORYhttp://www.us.debian.org/security/2006/dsa-1237
- VENDOR_ADVISORYhttp://secunia.com/advisories/22762
- VENDOR_ADVISORYhttp://secunia.com/advisories/24288
- VENDOR_ADVISORYhttp://secunia.com/advisories/23474
- VENDOR_ADVISORYhttp://secunia.com/advisories/23064
- VENDOR_ADVISORYhttp://www.us.debian.org/security/2006/dsa-1233
- VENDOR_ADVISORYhttp://secunia.com/advisories/23370
- MISChttp://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/3999
- MISChttp://support.avaya.com/elmodocs2/security/ASA-2007-078.htm
- MISChttp://www.securityfocus.com/archive/1/471457
- MISChttp://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10388
- VENDOR_ADVISORYhttp://secunia.com/advisories/22497
- VENDOR_ADVISORYhttp://secunia.com/advisories/22945
- MISChttp://www.redhat.com/support/errata/RHSA-2006-0710.html
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-395-1
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/3937
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:197
- VENDOR_ADVISORYhttp://secunia.com/advisories/23395
- VENDOR_ADVISORYhttp://secunia.com/advisories/25691
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/29387