Описание
Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.
Отчет
This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2012-0480.html. A future kernel update for Red Hat Enterprise Linux 4 may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2012:0480 | 17.04.2012 |
| Red Hat Enterprise Linux 5.6 EUS - Server Only | kernel | Fixed | RHSA-2012:0720 | 12.06.2012 |
Показывать по
Дополнительная информация
Статус:
7.8 High
CVSS2
Связанные уязвимости
Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.
Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.
Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6 ...
Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets.
ELSA-2012-0480: kernel security, bug fix, and enhancement update (IMPORTANT)
7.8 High
CVSS2