Linux Kernel ATM clip_mkip() Function Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1017526 |
|
SecurityTracker URL: http://securitytracker.com/id/1017526
|
|
CVE Reference:
CVE-2006-4997
(Links to External Site)
|
Date: Jan 17 2007
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2.6
|
Description:
A vulnerability was reported in Linux Kernel in the ATM subsystem. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to access socket buffer memory that has been freed, triggering a kernel panic.
Only systems with ATM hardware installed and configured for ATM support are affected.
The vulnerability resides in the clip_mkip() function in 'net/atm/clip.c'.
|
Impact:
A remote user can cause a kernel panic.
|
Solution:
A source code fix is available at:
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fe26109a9dfd9327fdbe630fc819e1b7450986b2
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Wed, 17 Jan 2007 08:15:02 -0500
Subject: Linux kernel
|
CVE-2006-4997
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows
remote attackers to cause a denial of service (panic) via unknown vectors that cause
the ATM subsystem to access the memory of socket buffers after they are freed (freed
pointer dereference).
|
|
