Home > Vulnerability Database > CVE-2007-1592

Mend.io Vulnerability Database

CVE-2007-1592

Date: March 22, 2007

net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.

Severity Score

6.2

Related Resources (42)

Url: http://www.securityfocus.com/bid/23104

Url: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478

Url: http://www.ubuntu.com/usn/usn-464-1

Url: http://www.vupen.com/english/advisories/2007/1084

Url: http://marc.info/?l=linux-netdev&m=117406721731891&w=2

Url: https://access.redhat.com/security/cve/CVE-2007-1592

Url: http://www.debian.org/security/2007/dsa-1304

Url: http://www.debian.org/security/2007/dsa-1286

Url: http://www.debian.org/security/2008/dsa-1503

Url: http://secunia.com/advisories/25714

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-1592

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:051

Url: http://rhn.redhat.com/errata/RHSA-2007-0436.html

Url: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2007:078

Url: http://www.redhat.com/support/errata/RHSA-2007-0673.html

Url: http://secunia.com/advisories/25078

Url: http://rhn.redhat.com/errata/RHBA-2007-0304.html

Url: http://secunia.com/advisories/25099

Url: http://secunia.com/advisories/29058

Url: http://secunia.com/advisories/25630

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d35690beda1429544d46c8eb34b2e3a8c37ab299

Url: http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130

Url: http://www.novell.com/linux/security/advisories/2007_30_kernel.html

Url: http://secunia.com/advisories/25392

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/33176

Url: http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html

Url: http://www.redhat.com/support/errata/RHSA-2007-0672.html

Url: http://www.novell.com/linux/security/advisories/2007_35_kernel.html

Url: http://secunia.com/advisories/27528

Url: http://secunia.com/advisories/24777

Url: http://secunia.com/advisories/24618

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-1592

Url: http://secunia.com/advisories/25683

Url: http://www.novell.com/linux/security/advisories/2007_43_kernel.html

Url: http://secunia.com/advisories/25288

Url: http://secunia.com/advisories/25226

Url: http://www.redhat.com/support/errata/RHSA-2007-0347.html

Url: http://secunia.com/advisories/26379

Url: http://secunia.com/advisories/25961

Url: https://www.mend.io/vulnerability-database/CVE-2007-1592

Severity Score

6.2

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

CVSS v3.1

Base Score:	6.2
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	4.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-1592

Date: March 22, 2007

Severity Score

Related Resources (42)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?