CVE-2007-5501

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html

http://lwn.net/Articles/258947/

http://secunia.com/advisories/27664

http://secunia.com/advisories/27703

http://secunia.com/advisories/27888

http://secunia.com/advisories/27919

http://secunia.com/advisories/27922

http://secunia.com/advisories/28170

http://secunia.com/advisories/28706

http://secunia.com/advisories/29245

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc3

http://www.mandriva.com/security/advisories?name=MDVSA-2008:044

http://www.novell.com/linux/security/advisories/2007_63_kernel.html

http://www.securityfocus.com/bid/26474

http://www.ubuntu.com/usn/usn-558-1

http://www.ubuntu.com/usn/usn-574-1

http://www.vupen.com/english/advisories/2007/3902

https://exchange.xforce.ibmcloud.com/vulnerabilities/38548

https://issues.rpath.com/browse/RPL-1965

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html

https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html

Details

Source: MITRE

Published: 2007-11-15

Updated: 2017-07-29

Type: CWE-399

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc8:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23:rc9:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
37602Mandrake Linux Security Advisory : kernel (MDKSA-2007:226)NessusMandriva Local Security Checks
high
36924Mandriva Linux Security Advisory : kernel (MDVSA-2008:044)NessusMandriva Local Security Checks
high
30183Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-574-1)NessusUbuntu Local Security Checks
high
29740Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-558-1)NessusUbuntu Local Security Checks
high
29285Fedora Core 6 : kernel-2.6.22.14-72.fc6 (2007-759)NessusFedora Local Security Checks
high
29264Fedora 7 : kernel-2.6.23.8-34.fc7 (2007-3751)NessusFedora Local Security Checks
high
29248openSUSE 10 Security Update : kernel (kernel-4749)NessusSuSE Local Security Checks
high
29193Fedora 8 : kernel-2.6.23.8-63.fc8 (2007-3837)NessusFedora Local Security Checks
high