CVE-2007-4567HIGH
Description
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
References
http://bugzilla.kernel.org/show_bug.cgi?id=8450
http://secunia.com/advisories/25505
http://secunia.com/advisories/28170
http://secunia.com/advisories/28706
http://secunia.com/advisories/38015
http://www.redhat.com/support/errata/RHSA-2010-0019.html
http://www.redhat.com/support/errata/RHSA-2010-0053.html
http://www.securityfocus.com/bid/26943
http://www.ubuntu.com/usn/usn-574-1
https://bugzilla.redhat.com/show_bug.cgi?id=548641
https://exchange.xforce.ibmcloud.com/vulnerabilities/39171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7474
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 2.6.21.7 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 89740 | VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) | Nessus | VMware ESX Local Security Checks | critical |
| 79507 | OracleVM 2.2 : kernel (OVMSA-2013-0039) | Nessus | OracleVM Local Security Checks | critical |
| 67982 | Oracle Linux 5 : kernel (ELSA-2010-0019) | Nessus | Oracle Linux Local Security Checks | critical |
| 63915 | RHEL 5 : kernel (RHSA-2010:0079) | Nessus | Red Hat Local Security Checks | critical |
| 63913 | RHEL 5 : kernel (RHSA-2010:0053) | Nessus | Red Hat Local Security Checks | critical |
| 60717 | Scientific Linux Security Update : kernel on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
| 46765 | VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates | Nessus | VMware ESX Local Security Checks | critical |
| 43832 | CentOS 5 : kernel (CESA-2010:0019) | Nessus | CentOS Local Security Checks | critical |
| 43820 | RHEL 5 : kernel (RHSA-2010:0019) | Nessus | Red Hat Local Security Checks | critical |
| 30183 | Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-574-1) | Nessus | Ubuntu Local Security Checks | high |
| 29740 | Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-558-1) | Nessus | Ubuntu Local Security Checks | high |