ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
ΠΡΡΠ΅Ρ
This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and Red Hat Enterprise MRG. Shipped kernels do not include upstream commit a11d206d that introduced the problem. This upstream commit was backported in Red Hat Enterprise Linux 5 via RHBA-2008:0314. It was reported and addressed in Red Hat Enterprise Linux 5 via RHSA-2010:0019.
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
ΠΠΎΠΏΠΎΠ»Π½ΠΈΡΠ΅Π»ΡΠ½Π°Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ
Π‘ΡΠ°ΡΡΡ:
EPSS
7.8 High
CVSS2
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
ELSA-2010-0019: kernel security update (IMPORTANT)
EPSS
7.8 High
CVSS2