ID CVE-2010-0437
Summary The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.
References
Vulnerable Configurations
  • Linux Kernel 2.6.0
    cpe:2.3:o:linux:linux_kernel:2.6.0
  • Linux Kernel 2.6.1
    cpe:2.3:o:linux:linux_kernel:2.6.1
  • Linux Kernel 2.6.2
    cpe:2.3:o:linux:linux_kernel:2.6.2
  • Linux Kernel 2.6.3
    cpe:2.3:o:linux:linux_kernel:2.6.3
  • Linux Kernel 2.6.4
    cpe:2.3:o:linux:linux_kernel:2.6.4
  • Linux Kernel 2.6.5
    cpe:2.3:o:linux:linux_kernel:2.6.5
  • Linux Kernel 2.6.6
    cpe:2.3:o:linux:linux_kernel:2.6.6
  • Linux Kernel 2.6.7
    cpe:2.3:o:linux:linux_kernel:2.6.7
  • Linux Kernel 2.6.8
    cpe:2.3:o:linux:linux_kernel:2.6.8
  • Linux Kernel 2.6.8.1
    cpe:2.3:o:linux:linux_kernel:2.6.8.1
  • Linux Kernel 2.6.9
    cpe:2.3:o:linux:linux_kernel:2.6.9
  • Linux Kernel 2.6.9 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:2.6.9:rc1
  • Linux Kernel 2.6.9 Release Candidate 2
    cpe:2.3:o:linux:linux_kernel:2.6.9:rc2
  • Linux Kernel 2.6.9 Release Candidate 3
    cpe:2.3:o:linux:linux_kernel:2.6.9:rc3
  • Linux Kernel 2.6.9 Release Candidate 4
    cpe:2.3:o:linux:linux_kernel:2.6.9:rc4
  • Linux Kernel 2.6.10
    cpe:2.3:o:linux:linux_kernel:2.6.10
  • Linux Kernel 2.6.11
    cpe:2.3:o:linux:linux_kernel:2.6.11
  • Linux Kernel 2.6.11.1
    cpe:2.3:o:linux:linux_kernel:2.6.11.1
  • Linux Kernel 2.6.11.2
    cpe:2.3:o:linux:linux_kernel:2.6.11.2
  • Linux Kernel 2.6.11.3
    cpe:2.3:o:linux:linux_kernel:2.6.11.3
  • Linux Kernel 2.6.11.4
    cpe:2.3:o:linux:linux_kernel:2.6.11.4
  • Linux Kernel 2.6.11.5
    cpe:2.3:o:linux:linux_kernel:2.6.11.5
  • Linux Kernel 2.6.11.6
    cpe:2.3:o:linux:linux_kernel:2.6.11.6
  • Linux Kernel 2.6.11.7
    cpe:2.3:o:linux:linux_kernel:2.6.11.7
  • Linux Kernel 2.6.11.8
    cpe:2.3:o:linux:linux_kernel:2.6.11.8
  • Linux Kernel 2.6.11.9
    cpe:2.3:o:linux:linux_kernel:2.6.11.9
  • Linux Kernel 2.6.11.10
    cpe:2.3:o:linux:linux_kernel:2.6.11.10
  • Linux Kernel 2.6.11.11
    cpe:2.3:o:linux:linux_kernel:2.6.11.11
  • Linux Kernel 2.6.11.12
    cpe:2.3:o:linux:linux_kernel:2.6.11.12
  • Linux Kernel 2.6.12
    cpe:2.3:o:linux:linux_kernel:2.6.12
  • Linux Kernel 2.6.12.1
    cpe:2.3:o:linux:linux_kernel:2.6.12.1
  • Linux Kernel 2.6.12.2
    cpe:2.3:o:linux:linux_kernel:2.6.12.2
  • Linux Kernel 2.6.12.3
    cpe:2.3:o:linux:linux_kernel:2.6.12.3
  • Linux Kernel 2.6.12.4
    cpe:2.3:o:linux:linux_kernel:2.6.12.4
  • Linux Kernel 2.6.12.5
    cpe:2.3:o:linux:linux_kernel:2.6.12.5
  • Linux Kernel 2.6.12.6
    cpe:2.3:o:linux:linux_kernel:2.6.12.6
  • Linux Kernel 2.6.13
    cpe:2.3:o:linux:linux_kernel:2.6.13
  • Linux Kernel 2.6.13.1
    cpe:2.3:o:linux:linux_kernel:2.6.13.1
  • Linux Kernel 2.6.13.2
    cpe:2.3:o:linux:linux_kernel:2.6.13.2
  • Linux Kernel 2.6.13.3
    cpe:2.3:o:linux:linux_kernel:2.6.13.3
  • Linux Kernel 2.6.13.4
    cpe:2.3:o:linux:linux_kernel:2.6.13.4
  • Linux Kernel 2.6.13.5
    cpe:2.3:o:linux:linux_kernel:2.6.13.5
  • Linux Kernel 2.6.14
    cpe:2.3:o:linux:linux_kernel:2.6.14
  • Linux Kernel 2.6.14.1
    cpe:2.3:o:linux:linux_kernel:2.6.14.1
  • Linux Kernel 2.6.14.2
    cpe:2.3:o:linux:linux_kernel:2.6.14.2
  • Linux Kernel 2.6.14.3
    cpe:2.3:o:linux:linux_kernel:2.6.14.3
  • Linux Kernel 2.6.14.4
    cpe:2.3:o:linux:linux_kernel:2.6.14.4
  • Linux Kernel 2.6.14.5
    cpe:2.3:o:linux:linux_kernel:2.6.14.5
  • Linux Kernel 2.6.14.6
    cpe:2.3:o:linux:linux_kernel:2.6.14.6
  • Linux Kernel 2.6.14.7
    cpe:2.3:o:linux:linux_kernel:2.6.14.7
  • Linux Kernel 2.6.15
    cpe:2.3:o:linux:linux_kernel:2.6.15
  • Linux Kernel 2.6.15.1
    cpe:2.3:o:linux:linux_kernel:2.6.15.1
  • Linux Kernel 2.6.15.2
    cpe:2.3:o:linux:linux_kernel:2.6.15.2
  • Linux Kernel 2.6.15.3
    cpe:2.3:o:linux:linux_kernel:2.6.15.3
  • Linux Kernel 2.6.15.4
    cpe:2.3:o:linux:linux_kernel:2.6.15.4
  • Linux Kernel 2.6.15.5
    cpe:2.3:o:linux:linux_kernel:2.6.15.5
  • Linux Kernel 2.6.15.6
    cpe:2.3:o:linux:linux_kernel:2.6.15.6
  • Linux Kernel 2.6.15.7
    cpe:2.3:o:linux:linux_kernel:2.6.15.7
  • Linux Kernel 2.6.16
    cpe:2.3:o:linux:linux_kernel:2.6.16
  • Linux Kernel 2.6.16.1
    cpe:2.3:o:linux:linux_kernel:2.6.16.1
  • Linux Kernel 2.6.16.2
    cpe:2.3:o:linux:linux_kernel:2.6.16.2
  • Linux Kernel 2.6.16.3
    cpe:2.3:o:linux:linux_kernel:2.6.16.3
  • Linux Kernel 2.6.16.4
    cpe:2.3:o:linux:linux_kernel:2.6.16.4
  • Linux Kernel 2.6.16.5
    cpe:2.3:o:linux:linux_kernel:2.6.16.5
  • Linux Kernel 2.6.16.6
    cpe:2.3:o:linux:linux_kernel:2.6.16.6
  • Linux Kernel 2.6.16.7
    cpe:2.3:o:linux:linux_kernel:2.6.16.7
  • Linux Kernel 2.6.16.8
    cpe:2.3:o:linux:linux_kernel:2.6.16.8
  • Linux Kernel 2.6.16.9
    cpe:2.3:o:linux:linux_kernel:2.6.16.9
  • Linux Kernel 2.6.16.10
    cpe:2.3:o:linux:linux_kernel:2.6.16.10
  • Linux Kernel 2.6.16.11
    cpe:2.3:o:linux:linux_kernel:2.6.16.11
  • Linux Kernel 2.6.16.12
    cpe:2.3:o:linux:linux_kernel:2.6.16.12
  • Linux Kernel 2.6.16.13
    cpe:2.3:o:linux:linux_kernel:2.6.16.13
  • Linux Kernel 2.6.16.14
    cpe:2.3:o:linux:linux_kernel:2.6.16.14
  • Linux Kernel 2.6.16.15
    cpe:2.3:o:linux:linux_kernel:2.6.16.15
  • Linux Kernel 2.6.16.16
    cpe:2.3:o:linux:linux_kernel:2.6.16.16
  • Linux Kernel 2.6.16.17
    cpe:2.3:o:linux:linux_kernel:2.6.16.17
  • Linux Kernel 2.6.16.18
    cpe:2.3:o:linux:linux_kernel:2.6.16.18
  • Linux Kernel 2.6.16.19
    cpe:2.3:o:linux:linux_kernel:2.6.16.19
  • Linux Kernel 2.6.16.20
    cpe:2.3:o:linux:linux_kernel:2.6.16.20
  • Linux Kernel 2.6.16.21
    cpe:2.3:o:linux:linux_kernel:2.6.16.21
  • Linux Kernel 2.6.16.22
    cpe:2.3:o:linux:linux_kernel:2.6.16.22
  • Linux Kernel 2.6.16.23
    cpe:2.3:o:linux:linux_kernel:2.6.16.23
  • Linux Kernel 2.6.16.24
    cpe:2.3:o:linux:linux_kernel:2.6.16.24
  • Linux Kernel 2.6.16.25
    cpe:2.3:o:linux:linux_kernel:2.6.16.25
  • Linux Kernel 2.6.16.26
    cpe:2.3:o:linux:linux_kernel:2.6.16.26
  • Linux Kernel 2.6.16.27
    cpe:2.3:o:linux:linux_kernel:2.6.16.27
  • Linux Kernel 2.6.16.28
    cpe:2.3:o:linux:linux_kernel:2.6.16.28
  • Linux Kernel 2.6.16.29
    cpe:2.3:o:linux:linux_kernel:2.6.16.29
  • Linux Kernel 2.6.16.30
    cpe:2.3:o:linux:linux_kernel:2.6.16.30
  • Linux Kernel 2.6.16.31
    cpe:2.3:o:linux:linux_kernel:2.6.16.31
  • cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1
    cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1
  • cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2
    cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2
  • cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3
    cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3
  • cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4
    cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4
  • cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc5
    cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc5
  • Linux Kernel 2.6.16.32
    cpe:2.3:o:linux:linux_kernel:2.6.16.32
  • Linux Kernel 2.6.16.33
    cpe:2.3:o:linux:linux_kernel:2.6.16.33
  • Linux Kernel 2.6.16.34
    cpe:2.3:o:linux:linux_kernel:2.6.16.34
  • Linux Kernel 2.6.16.35
    cpe:2.3:o:linux:linux_kernel:2.6.16.35
  • Linux Kernel 2.6.16.36
    cpe:2.3:o:linux:linux_kernel:2.6.16.36
  • Linux Kernel 2.6.16.37
    cpe:2.3:o:linux:linux_kernel:2.6.16.37
  • Linux Kernel 2.6.16.38
    cpe:2.3:o:linux:linux_kernel:2.6.16.38
  • Linux Kernel 2.6.16.39
    cpe:2.3:o:linux:linux_kernel:2.6.16.39
  • Linux Kernel 2.6.16.40
    cpe:2.3:o:linux:linux_kernel:2.6.16.40
  • Linux Kernel 2.6.16.41
    cpe:2.3:o:linux:linux_kernel:2.6.16.41
  • Linux Kernel 2.6.16.42
    cpe:2.3:o:linux:linux_kernel:2.6.16.42
  • Linux Kernel 2.6.16.43
    cpe:2.3:o:linux:linux_kernel:2.6.16.43
  • Linux Kernel 2.6.16.44
    cpe:2.3:o:linux:linux_kernel:2.6.16.44
  • Linux Kernel 2.6.16.45
    cpe:2.3:o:linux:linux_kernel:2.6.16.45
  • Linux Kernel 2.6.16.46
    cpe:2.3:o:linux:linux_kernel:2.6.16.46
  • Linux Kernel 2.6.16.47
    cpe:2.3:o:linux:linux_kernel:2.6.16.47
  • Linux Kernel 2.6.16.48
    cpe:2.3:o:linux:linux_kernel:2.6.16.48
  • Linux Kernel 2.6.16.49
    cpe:2.3:o:linux:linux_kernel:2.6.16.49
  • Linux Kernel 2.6.16.50
    cpe:2.3:o:linux:linux_kernel:2.6.16.50
  • Linux Kernel 2.6.16.51
    cpe:2.3:o:linux:linux_kernel:2.6.16.51
  • Linux Kernel 2.6.16.52
    cpe:2.3:o:linux:linux_kernel:2.6.16.52
  • Linux Kernel 2.6.16.53
    cpe:2.3:o:linux:linux_kernel:2.6.16.53
  • Linux Kernel 2.6.16.54
    cpe:2.3:o:linux:linux_kernel:2.6.16.54
  • Linux Kernel 2.16.55
    cpe:2.3:o:linux:linux_kernel:2.6.16.55
  • Linux Kernel 2.6.16.56
    cpe:2.3:o:linux:linux_kernel:2.6.16.56
  • Linux Kernel 2.6.16.57
    cpe:2.3:o:linux:linux_kernel:2.6.16.57
  • Linux Kernel 2.6.16.58
    cpe:2.3:o:linux:linux_kernel:2.6.16.58
  • Linux Kernel 2.6.16.59
    cpe:2.3:o:linux:linux_kernel:2.6.16.59
  • Linux Kernel 2.6.16.60
    cpe:2.3:o:linux:linux_kernel:2.6.16.60
  • Linux Kernel 2.6.16.61
    cpe:2.3:o:linux:linux_kernel:2.6.16.61
  • Linux Kernel 2.6.16.62
    cpe:2.3:o:linux:linux_kernel:2.6.16.62
  • Linux Kernel 2.6.17
    cpe:2.3:o:linux:linux_kernel:2.6.17
  • Linux Kernel 2.6.17 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc1
  • Linux Kernel 2.6.17 Release Candidate 2
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc2
  • Linux Kernel 2.6.17 Release Candidate 3
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc3
  • Linux Kernel 2.6.17 Release Candidate 4
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc4
  • Linux Kernel 2.6.17 Release Candidate 5
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc5
  • Linux Kernel 2.6.17 Release Candidate 6
    cpe:2.3:o:linux:linux_kernel:2.6.17:rc6
  • Linux Kernel 2.6.17.1
    cpe:2.3:o:linux:linux_kernel:2.6.17.1
  • Linux Kernel 2.6.17.2
    cpe:2.3:o:linux:linux_kernel:2.6.17.2
  • Linux Kernel 2.6.17.3
    cpe:2.3:o:linux:linux_kernel:2.6.17.3
  • Linux Kernel 2.6.17.4
    cpe:2.3:o:linux:linux_kernel:2.6.17.4
  • Linux Kernel 2.6.17.5
    cpe:2.3:o:linux:linux_kernel:2.6.17.5
  • Linux Kernel 2.6.17.6
    cpe:2.3:o:linux:linux_kernel:2.6.17.6
  • Linux Kernel 2.6.17.7
    cpe:2.3:o:linux:linux_kernel:2.6.17.7
  • Linux Kernel 2.6.17.8
    cpe:2.3:o:linux:linux_kernel:2.6.17.8
  • Linux Kernel 2.6.17.9
    cpe:2.3:o:linux:linux_kernel:2.6.17.9
  • Linux Kernel 2.6.17.10
    cpe:2.3:o:linux:linux_kernel:2.6.17.10
  • Linux Kernel 2.6.17.11
    cpe:2.3:o:linux:linux_kernel:2.6.17.11
  • Linux Kernel 2.6.17.12
    cpe:2.3:o:linux:linux_kernel:2.6.17.12
  • Linux Kernel 2.6.17.13
    cpe:2.3:o:linux:linux_kernel:2.6.17.13
  • Linux Kernel 2.6.17.14
    cpe:2.3:o:linux:linux_kernel:2.6.17.14
  • Linux Kernel 2.6.18
    cpe:2.3:o:linux:linux_kernel:2.6.18
  • Linux Kernel 2.6.18 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc1
  • Linux Kernel 2.6.18 Release Candidate 2
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc2
  • Linux Kernel 2.6.18 Release Candidate 3
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc3
  • Linux Kernel 2.6.18 Release Candidate 4
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc4
  • Linux Kernel 2.6.18 Release Candidate 5
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc5
  • Linux Kernel 2.6.18 Release Candidate 6
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc6
  • Linux Kernel 2.6.18 Release Candidate 7
    cpe:2.3:o:linux:linux_kernel:2.6.18:rc7
  • Linux Kernel 2.6.18.1
    cpe:2.3:o:linux:linux_kernel:2.6.18.1
  • Linux Kernel 2.6.18.2
    cpe:2.3:o:linux:linux_kernel:2.6.18.2
  • Linux Kernel 2.6.18.3
    cpe:2.3:o:linux:linux_kernel:2.6.18.3
  • Linux Kernel 2.6.18.4
    cpe:2.3:o:linux:linux_kernel:2.6.18.4
  • Linux Kernel 2.6.18.5
    cpe:2.3:o:linux:linux_kernel:2.6.18.5
  • Linux Kernel 2.6.18.6
    cpe:2.3:o:linux:linux_kernel:2.6.18.6
  • Linux Kernel 2.6.18.7
    cpe:2.3:o:linux:linux_kernel:2.6.18.7
  • Linux Kernel 2.6.18.8
    cpe:2.3:o:linux:linux_kernel:2.6.18.8
  • Linux Kernel 2.6.19
    cpe:2.3:o:linux:linux_kernel:2.6.19
  • Linux Kernel 2.6.19.1
    cpe:2.3:o:linux:linux_kernel:2.6.19.1
  • Linux Kernel 2.6.19.2
    cpe:2.3:o:linux:linux_kernel:2.6.19.2
  • Linux Kernel 2.6.19.3
    cpe:2.3:o:linux:linux_kernel:2.6.19.3
  • Linux Kernel 2.6.19.4
    cpe:2.3:o:linux:linux_kernel:2.6.19.4
  • Linux Kernel 2.6.19.5
    cpe:2.3:o:linux:linux_kernel:2.6.19.5
  • Linux Kernel 2.6.19.6
    cpe:2.3:o:linux:linux_kernel:2.6.19.6
  • Linux Kernel 2.6.19.7
    cpe:2.3:o:linux:linux_kernel:2.6.19.7
  • Linux Kernel 2.6.20
    cpe:2.3:o:linux:linux_kernel:2.6.20
  • Linux Kernel 2.6.20.1
    cpe:2.3:o:linux:linux_kernel:2.6.20.1
  • Linux Kernel 2.6.20.2
    cpe:2.3:o:linux:linux_kernel:2.6.20.2
  • Linux Kernel 2.6.20.3
    cpe:2.3:o:linux:linux_kernel:2.6.20.3
  • Linux Kernel 2.6.20.4
    cpe:2.3:o:linux:linux_kernel:2.6.20.4
  • Linux Kernel 2.6.20.5
    cpe:2.3:o:linux:linux_kernel:2.6.20.5
  • Linux Kernel 2.6.20.6
    cpe:2.3:o:linux:linux_kernel:2.6.20.6
  • Linux Kernel 2.6.20.7
    cpe:2.3:o:linux:linux_kernel:2.6.20.7
  • Linux Kernel 2.6.20.8
    cpe:2.3:o:linux:linux_kernel:2.6.20.8
  • Linux Kernel 2.6.20.9
    cpe:2.3:o:linux:linux_kernel:2.6.20.9
  • Linux Kernel 2.6.20.10
    cpe:2.3:o:linux:linux_kernel:2.6.20.10
  • Linux Kernel 2.6.20.11
    cpe:2.3:o:linux:linux_kernel:2.6.20.11
  • Linux Kernel 2.6.20.12
    cpe:2.3:o:linux:linux_kernel:2.6.20.12
  • Linux Kernel 2.6.20.13
    cpe:2.3:o:linux:linux_kernel:2.6.20.13
  • Linux Kernel 2.6.20.14
    cpe:2.3:o:linux:linux_kernel:2.6.20.14
  • Linux Kernel 2.6.20.15
    cpe:2.3:o:linux:linux_kernel:2.6.20.15
  • Linux Kernel 2.6.20.16
    cpe:2.3:o:linux:linux_kernel:2.6.20.16
  • Linux Kernel 2.6.20.17
    cpe:2.3:o:linux:linux_kernel:2.6.20.17
  • Linux Kernel 2.6.20.18
    cpe:2.3:o:linux:linux_kernel:2.6.20.18
  • Linux Kernel 2.6.20.19
    cpe:2.3:o:linux:linux_kernel:2.6.20.19
  • Linux Kernel 2.6.20.20
    cpe:2.3:o:linux:linux_kernel:2.6.20.20
  • Linux Kernel 2.6.20.21
    cpe:2.3:o:linux:linux_kernel:2.6.20.21
  • Linux Kernel 2.6.21
    cpe:2.3:o:linux:linux_kernel:2.6.21
  • Linux Kernel 2.6.21.1
    cpe:2.3:o:linux:linux_kernel:2.6.21.1
  • Linux Kernel 2.6.21.2
    cpe:2.3:o:linux:linux_kernel:2.6.21.2
  • Linux Kernel 2.6.21.3
    cpe:2.3:o:linux:linux_kernel:2.6.21.3
  • Linux Kernel 2.6.21.4
    cpe:2.3:o:linux:linux_kernel:2.6.21.4
  • Linux Kernel 2.6.21.5
    cpe:2.3:o:linux:linux_kernel:2.6.21.5
  • Linux Kernel 2.6.21.6
    cpe:2.3:o:linux:linux_kernel:2.6.21.6
  • Linux Kernel 2.6.21.7
    cpe:2.3:o:linux:linux_kernel:2.6.21.7
  • Linux Kernel 2.6.22
    cpe:2.3:o:linux:linux_kernel:2.6.22
  • Linux Kernel 2.6.22.1
    cpe:2.3:o:linux:linux_kernel:2.6.22.1
  • Linux Kernel 2.6.22.2
    cpe:2.3:o:linux:linux_kernel:2.6.22.2
  • Linux Kernel 2.6.22.3
    cpe:2.3:o:linux:linux_kernel:2.6.22.3
  • Linux Kernel 2.6.22.4
    cpe:2.3:o:linux:linux_kernel:2.6.22.4
  • Linux Kernel 2.6.22.5
    cpe:2.3:o:linux:linux_kernel:2.6.22.5
  • Linux Kernel 2.6.22.6
    cpe:2.3:o:linux:linux_kernel:2.6.22.6
  • Linux Kernel 2.6.22.7
    cpe:2.3:o:linux:linux_kernel:2.6.22.7
  • Linux Kernel 2.6.22.8
    cpe:2.3:o:linux:linux_kernel:2.6.22.8
  • Linux Kernel 2.6.22.9
    cpe:2.3:o:linux:linux_kernel:2.6.22.9
  • Linux Kernel 2.6.22.10
    cpe:2.3:o:linux:linux_kernel:2.6.22.10
  • Linux Kernel 2.6.22.11
    cpe:2.3:o:linux:linux_kernel:2.6.22.11
  • Linux Kernel 2.6.22.12
    cpe:2.3:o:linux:linux_kernel:2.6.22.12
  • Linux Kernel 2.6.22.13
    cpe:2.3:o:linux:linux_kernel:2.6.22.13
  • Linux Kernel 2.6.22.14
    cpe:2.3:o:linux:linux_kernel:2.6.22.14
  • Linux Kernel 2.6.22.15
    cpe:2.3:o:linux:linux_kernel:2.6.22.15
  • Linux Kernel 2.6.22.16
    cpe:2.3:o:linux:linux_kernel:2.6.22.16
  • Linux Kernel 2.6.22.17
    cpe:2.3:o:linux:linux_kernel:2.6.22.17
  • Linux Kernel 2.6.22.18
    cpe:2.3:o:linux:linux_kernel:2.6.22.18
  • Linux Kernel 2.6.22.19
    cpe:2.3:o:linux:linux_kernel:2.6.22.19
  • Linux Kernel 2.6.22.20
    cpe:2.3:o:linux:linux_kernel:2.6.22.20
  • Linux Kernel 2.6.22.21
    cpe:2.3:o:linux:linux_kernel:2.6.22.21
  • Linux Kernel 2.6.22.22
    cpe:2.3:o:linux:linux_kernel:2.6.22.22
  • Linux Kernel 2.6.23
    cpe:2.3:o:linux:linux_kernel:2.6.23
  • Linux Kernel 2.6.23 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:2.6.23:rc1
  • Linux Kernel 2.6.23 release candidate 2
    cpe:2.3:o:linux:linux_kernel:2.6.23:rc2
  • Linux Kernel 2.6.23.1
    cpe:2.3:o:linux:linux_kernel:2.6.23.1
  • Linux Kernel 2.6.23.2
    cpe:2.3:o:linux:linux_kernel:2.6.23.2
  • Linux Kernel 2.6.23.3
    cpe:2.3:o:linux:linux_kernel:2.6.23.3
  • Linux Kernel 2.6.23.4
    cpe:2.3:o:linux:linux_kernel:2.6.23.4
  • Linux Kernel 2.6.23.5
    cpe:2.3:o:linux:linux_kernel:2.6.23.5
  • Linux Kernel 2.6.23.6
    cpe:2.3:o:linux:linux_kernel:2.6.23.6
  • Linux Kernel 2.6.23.7
    cpe:2.3:o:linux:linux_kernel:2.6.23.7
  • Linux Kernel 2.6.23.8
    cpe:2.3:o:linux:linux_kernel:2.6.23.8
  • Linux Kernel 2.6.23.9
    cpe:2.3:o:linux:linux_kernel:2.6.23.9
  • Linux Kernel 2.6.23.10
    cpe:2.3:o:linux:linux_kernel:2.6.23.10
  • Linux Kernel 2.6.23.11
    cpe:2.3:o:linux:linux_kernel:2.6.23.11
  • Linux Kernel 2.6.23.12
    cpe:2.3:o:linux:linux_kernel:2.6.23.12
  • Linux Kernel 2.6.23.13
    cpe:2.3:o:linux:linux_kernel:2.6.23.13
  • Linux Kernel 2.6.23.14
    cpe:2.3:o:linux:linux_kernel:2.6.23.14
  • Linux Kernel 2.6.23.16
    cpe:2.3:o:linux:linux_kernel:2.6.23.15
  • Linux Kernel 2.6.23.16
    cpe:2.3:o:linux:linux_kernel:2.6.23.16
  • Linux Kernel 2.6.23.17
    cpe:2.3:o:linux:linux_kernel:2.6.23.17
  • Linux Kernel 2.6.24
    cpe:2.3:o:linux:linux_kernel:2.6.24
  • Linux Kernel 2.6.24 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:2.6.24:rc1
  • Linux Kernel 2.6.24 Release Candidate 2
    cpe:2.3:o:linux:linux_kernel:2.6.24:rc2
  • Linux Kernel 2.6.24 Release Candidate 3
    cpe:2.3:o:linux:linux_kernel:2.6.24:rc3
  • Linux Kernel 2.6.24 Release Candidate 4
    cpe:2.3:o:linux:linux_kernel:2.6.24:rc4
  • Linux Kernel 2.6.24 Release Candidate 5
    cpe:2.3:o:linux:linux_kernel:2.6.24:rc5
  • Linux Kernel 2.6.24.1
    cpe:2.3:o:linux:linux_kernel:2.6.24.1
  • Linux Kernel 2.6.24.2
    cpe:2.3:o:linux:linux_kernel:2.6.24.2
  • Linux Kernel 2.6.24.3
    cpe:2.3:o:linux:linux_kernel:2.6.24.3
  • Linux Kernel 2.6.24.4
    cpe:2.3:o:linux:linux_kernel:2.6.24.4
  • Linux Kernel 2.6.24.5
    cpe:2.3:o:linux:linux_kernel:2.6.24.5
  • Linux Kernel 2.6.24.6
    cpe:2.3:o:linux:linux_kernel:2.6.24.6
  • Linux Kernel 2.6.24.7
    cpe:2.3:o:linux:linux_kernel:2.6.24.7
  • Linux Kernel 2.6.25
    cpe:2.3:o:linux:linux_kernel:2.6.25
  • Linux Kernel 2.6.25.1
    cpe:2.3:o:linux:linux_kernel:2.6.25.1
  • Linux Kernel 2.6.25.2
    cpe:2.3:o:linux:linux_kernel:2.6.25.2
  • Linux Kernel 2.6.25.3
    cpe:2.3:o:linux:linux_kernel:2.6.25.3
  • Linux Kernel 2.6.25.4
    cpe:2.3:o:linux:linux_kernel:2.6.25.4
  • Linux Kernel 2.6.25.5
    cpe:2.3:o:linux:linux_kernel:2.6.25.5
  • Linux Kernel 2.6.25.6
    cpe:2.3:o:linux:linux_kernel:2.6.25.6
  • Linux Kernel 2.6.25.7
    cpe:2.3:o:linux:linux_kernel:2.6.25.7
  • Linux Kernel 2.6.25.8
    cpe:2.3:o:linux:linux_kernel:2.6.25.8
  • Linux Kernel 2.6.25.9
    cpe:2.3:o:linux:linux_kernel:2.6.25.9
  • Linux Kernel 2.6.25.10
    cpe:2.3:o:linux:linux_kernel:2.6.25.10
  • Linux Kernel 2.6.25.11
    cpe:2.3:o:linux:linux_kernel:2.6.25.11
  • Linux Kernel 2.6.25.12
    cpe:2.3:o:linux:linux_kernel:2.6.25.12
  • Linux Kernel 2.6.25.13
    cpe:2.3:o:linux:linux_kernel:2.6.25.13
  • Linux Kernel 2.6.25.14
    cpe:2.3:o:linux:linux_kernel:2.6.25.14
  • Linux Kernel 2.6.25.15
    cpe:2.3:o:linux:linux_kernel:2.6.25.15
  • Linux Kernel 2.6.25.16
    cpe:2.3:o:linux:linux_kernel:2.6.25.16
  • Linux Kernel 2.6.25.17
    cpe:2.3:o:linux:linux_kernel:2.6.25.17
  • Linux Kernel 2.6.25.18
    cpe:2.3:o:linux:linux_kernel:2.6.25.18
  • Linux Kernel 2.6.25.19
    cpe:2.3:o:linux:linux_kernel:2.6.25.19
  • Linux Kernel 2.6.25.20
    cpe:2.3:o:linux:linux_kernel:2.6.25.20
  • Linux Kernel 2.6.26
    cpe:2.3:o:linux:linux_kernel:2.6.26
  • Linux Kernel 2.6.26.1
    cpe:2.3:o:linux:linux_kernel:2.6.26.1
  • Linux Kernel 2.6.26.2
    cpe:2.3:o:linux:linux_kernel:2.6.26.2
  • Linux Kernel 2.6.26.3
    cpe:2.3:o:linux:linux_kernel:2.6.26.3
  • Linux Kernel 2.6.26.4
    cpe:2.3:o:linux:linux_kernel:2.6.26.4
  • Linux Kernel 2.6.26.5
    cpe:2.3:o:linux:linux_kernel:2.6.26.5
  • Linux Kernel 2.6.26.6
    cpe:2.3:o:linux:linux_kernel:2.6.26.6
  • Linux Kernel 2.6.26.7
    cpe:2.3:o:linux:linux_kernel:2.6.26.7
  • Linux Kernel 2.6.26.8
    cpe:2.3:o:linux:linux_kernel:2.6.26.8
CVSS
Base: 7.8 (as of 24-03-2010 - 15:59)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
exploit-db via4
description Linux Kernel 2.6.x 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service Vulnerability. CVE-2010-0437. Dos exploit for linux platform
id EDB-ID:33635
last seen 2016-02-03
modified 2008-07-31
published 2008-07-31
reporter RĂ©mi Denis-Courmont
source https://www.exploit-db.com/download/33635/
title Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service Vulnerability
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2013-0039.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2013-0039 for details.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79507
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79507
    title OracleVM 2.2 : kernel (OVMSA-2013-0039)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0147.NASL
    description From Red Hat Security Advisory 2010:0147 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) * a missing boundary check was found in the do_move_pages() function in the memory migration functionality in the Linux kernel. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) * a NULL pointer dereference flaw was found in the ext4 file system code in the Linux kernel. A local attacker could use this flaw to trigger a local denial of service by mounting a specially crafted, journal-less ext4 file system, if that file system forced an EROFS error. (CVE-2009-4308, Moderate) * an information leak was found in the print_fatal_signal() implementation in the Linux kernel. When '/proc/sys/kernel/print-fatal-signals' is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate) * missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low) Bug fixes : * a bug prevented Wake on LAN (WoL) being enabled on certain Intel hardware. (BZ#543449) * a race issue in the Journaling Block Device. (BZ#553132) * programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. (BZ#557684) * the RHSA-2010:0019 update introduced a regression, preventing WoL from working for network devices using the e1000e driver. (BZ#559335) * adding a bonding interface in mode balance-alb to a bridge was not functional. (BZ#560588) * some KVM (Kernel-based Virtual Machine) guests experienced slow performance (and possibly a crash) after suspend/resume. (BZ#560640) * on some systems, VF cannot be enabled in dom0. (BZ#560665) * on systems with certain network cards, a system crash occurred after enabling GRO. (BZ#561417) * for x86 KVM guests with pvclock enabled, the boot clocks were registered twice, possibly causing KVM to write data to a random memory area during the guest's life. (BZ#561454) * serious performance degradation for 32-bit applications, that map (mmap) thousands of small files, when run on a 64-bit system. (BZ#562746) * improved kexec/kdump handling. Previously, on some systems under heavy load, kexec/kdump was not functional. (BZ#562772) * dom0 was unable to boot when using the Xen hypervisor on a system with a large number of logical CPUs. (BZ#562777) * a fix for a bug that could potentially cause file system corruption. (BZ#564281) * a bug caused infrequent cluster issues for users of GFS2. (BZ#564288) * gfs2_delete_inode failed on read-only file systems. (BZ#564290) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68014
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68014
    title Oracle Linux 5 : kernel (ELSA-2010-0147)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0148.NASL
    description Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) This update also fixes the following bugs : * programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. With this update, when such programs attempt to call sched_rr_get_interval() on 64-bit systems, sys32_sched_rr_get_interval() is called instead, which resolves this issue. (BZ#557682) * the fix for CVE-2009-4538 provided by RHSA-2010:0079 introduced a regression, preventing Wake on LAN (WoL) working for network devices using the Intel PRO/1000 Linux driver, e1000e. Attempting to configure WoL for such devices resulted in the following error, even when configuring valid options : 'Cannot set new wake-on-lan settings: Operation not supported not setting wol' This update resolves this regression, and WoL now works as expected for network devices using the e1000e driver. (BZ#559333) * a number of bugs have been fixed in the copy_user routines for Intel 64 and AMD64 systems, one of which could have possibly led to data corruption. (BZ#568305) * on some systems, a race condition in the inode-based file event notifications implementation caused soft lockups and the following messages : 'BUG: warning at fs/inotify.c:181/set_dentry_child_flags()' 'BUG: soft lockup - CPU#[x] stuck for 10s!' This update resolves this race condition, and also removes the inotify debugging code from the kernel, due to race conditions in that code. (BZ#568662) * if a program that calls posix_fadvise() were compiled on x86, and then run on a 64-bit system, that program could experience various problems, including performance issues and the call to posix_fadvise() failing, causing the program to not run as expected or even abort. With this update, when such programs attempt to call posix_fadvise() on 64-bit systems, sys32_fadvise64() is called instead, which resolves this issue. This update also fixes other 32-bit system calls that were mistakenly called on 64-bit systems (including systems running the kernel-xen kernel). (BZ#569595) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2014-08-18
    plugin id 63921
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63921
    title RHEL 5 : kernel (RHSA-2010:0148)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100316_KERNEL_ON_SL5_X.NASL
    description Security fixes : - a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) - a missing boundary check was found in the do_move_pages() function in the memory migration functionality in the Linux kernel. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important) - a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) - a NULL pointer dereference flaw was found in the ext4 file system code in the Linux kernel. A local attacker could use this flaw to trigger a local denial of service by mounting a specially crafted, journal-less ext4 file system, if that file system forced an EROFS error. (CVE-2009-4308, Moderate) - an information leak was found in the print_fatal_signal() implementation in the Linux kernel. When '/proc/sys/kernel/print-fatal-signals' is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate) - missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low) Bug fixes : - a bug prevented Wake on LAN (WoL) being enabled on certain Intel hardware. (BZ#543449) - a race issue in the Journaling Block Device. (BZ#553132) - programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. (BZ#557684) - the RHSA-2010:0019 update introduced a regression, preventing WoL from working for network devices using the e1000e driver. (BZ#559335) - adding a bonding interface in mode balance-alb to a bridge was not functional. (BZ#560588) - some KVM (Kernel-based Virtual Machine) guests experienced slow performance (and possibly a crash) after suspend/resume. (BZ#560640) - on some systems, VF cannot be enabled in dom0. (BZ#560665) - on systems with certain network cards, a system crash occurred after enabling GRO. (BZ#561417) - for x86 KVM guests with pvclock enabled, the boot clocks were registered twice, possibly causing KVM to write data to a random memory area during the guest's life. (BZ#561454) - serious performance degradation for 32-bit applications, that map (mmap) thousands of small files, when run on a 64-bit system. (BZ#562746) - improved kexec/kdump handling. Previously, on some systems under heavy load, kexec/kdump was not functional. (BZ#562772) - dom0 was unable to boot when using the Xen hypervisor on a system with a large number of logical CPUs. (BZ#562777) - a fix for a bug that could potentially cause file system corruption. (BZ#564281) - a bug caused infrequent cluster issues for users of GFS2. (BZ#564288) - gfs2_delete_inode failed on read-only file systems. (BZ#564290) The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60749
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60749
    title Scientific Linux Security Update : kernel on SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0147.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) * a missing boundary check was found in the do_move_pages() function in the memory migration functionality in the Linux kernel. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) * a NULL pointer dereference flaw was found in the ext4 file system code in the Linux kernel. A local attacker could use this flaw to trigger a local denial of service by mounting a specially crafted, journal-less ext4 file system, if that file system forced an EROFS error. (CVE-2009-4308, Moderate) * an information leak was found in the print_fatal_signal() implementation in the Linux kernel. When '/proc/sys/kernel/print-fatal-signals' is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate) * missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low) Bug fixes : * a bug prevented Wake on LAN (WoL) being enabled on certain Intel hardware. (BZ#543449) * a race issue in the Journaling Block Device. (BZ#553132) * programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. (BZ#557684) * the RHSA-2010:0019 update introduced a regression, preventing WoL from working for network devices using the e1000e driver. (BZ#559335) * adding a bonding interface in mode balance-alb to a bridge was not functional. (BZ#560588) * some KVM (Kernel-based Virtual Machine) guests experienced slow performance (and possibly a crash) after suspend/resume. (BZ#560640) * on some systems, VF cannot be enabled in dom0. (BZ#560665) * on systems with certain network cards, a system crash occurred after enabling GRO. (BZ#561417) * for x86 KVM guests with pvclock enabled, the boot clocks were registered twice, possibly causing KVM to write data to a random memory area during the guest's life. (BZ#561454) * serious performance degradation for 32-bit applications, that map (mmap) thousands of small files, when run on a 64-bit system. (BZ#562746) * improved kexec/kdump handling. Previously, on some systems under heavy load, kexec/kdump was not functional. (BZ#562772) * dom0 was unable to boot when using the Xen hypervisor on a system with a large number of logical CPUs. (BZ#562777) * a fix for a bug that could potentially cause file system corruption. (BZ#564281) * a bug caused infrequent cluster issues for users of GFS2. (BZ#564288) * gfs2_delete_inode failed on read-only file systems. (BZ#564290) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45092
    published 2010-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45092
    title CentOS 5 : kernel (CESA-2010:0147)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0149.NASL
    description Updated kernel packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * a deficiency was found in the fasync_helper() implementation. This could allow a local, unprivileged user to leverage a use-after-free of locked, asynchronous file descriptors to cause a denial of service or privilege escalation. (CVE-2009-4141, Important) * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) This update also fixes the following bugs : * programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. With this update, when such programs attempt to call sched_rr_get_interval() on 64-bit systems, sys32_sched_rr_get_interval() is called instead, which resolves this issue. (BZ#557683) * the fix for CVE-2009-4538 provided by RHSA-2010:0053 introduced a regression, preventing Wake on LAN (WoL) working for network devices using the Intel PRO/1000 Linux driver, e1000e. Attempting to configure WoL for such devices resulted in the following error, even when configuring valid options : 'Cannot set new wake-on-lan settings: Operation not supported not setting wol' This update resolves this regression, and WoL now works as expected for network devices using the e1000e driver. (BZ#559334) * a number of bugs have been fixed in the copy_user routines for Intel 64 and AMD64 systems, one of which could have possibly led to data corruption. (BZ#568307) * on some systems, a race condition in the inode-based file event notifications implementation caused soft lockups and the following messages : 'BUG: warning at fs/inotify.c:181/set_dentry_child_flags()' 'BUG: soft lockup - CPU#[x] stuck for 10s!' This update resolves this race condition, and also removes the inotify debugging code from the kernel, due to race conditions in that code. (BZ#568663) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2015-10-18
    plugin id 63922
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63922
    title RHEL 5 : kernel (RHSA-2010:0149)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-947-2.NASL
    description USN-947-1 fixed vulnerabilities in the Linux kernel. Fixes for CVE-2010-0419 caused failures when using KVM in certain situations. This update reverts that fix until a better solution can be found. We apologize for the inconvenience. It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. (Only affected Ubuntu 6.06 LTS.) (CVE-2009-4271) It was discovered that the r8169 network driver did not correctly check the size of Ethernet frames. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2009-4537) Wei Yongjun discovered that SCTP did not correctly validate certain chunks. A remote attacker could send specially crafted traffic to monopolize CPU resources, leading to a denial of service. (Only affected Ubuntu 6.06 LTS.) (CVE-2010-0008) It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Processes in the guest OS with access to IO regions could gain further privileges within the guest OS. (Did not affect Ubuntu 6.06 LTS.) (CVE-2010-0298, CVE-2010-0306, CVE-2010-0419) Evgeniy Polyakov discovered that IPv6 did not correctly handle certain TUN packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0437) Sachin Prabhu discovered that GFS2 did not correctly handle certain locks. A local attacker with write access to a GFS2 filesystem could exploit this to crash the system, leading to a denial of service. (CVE-2010-0727) Jamie Strandboge discovered that network virtio in KVM did not correctly handle certain high-traffic conditions. A remote attacker could exploit this by sending specially crafted traffic to a guest OS, causing the guest to crash, leading to a denial of service. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0741) Marcus Meissner discovered that the USB subsystem did not correctly handle certain error conditions. A local attacker with access to a USB device could exploit this to read recently used kernel memory, leading to a loss of privacy and potentially root privilege escalation. (CVE-2010-1083) Neil Brown discovered that the Bluetooth subsystem did not correctly handle large amounts of traffic. A physically proximate remote attacker could exploit this by sending specially crafted traffic that would consume all available system memory, leading to a denial of service. (Ubuntu 6.06 LTS and 10.04 LTS were not affected.) (CVE-2010-1084) Jody Bruchon discovered that the sound driver for the AMD780V did not correctly handle certain conditions. A local attacker with access to this hardward could exploit the flaw to cause a system crash, leading to a denial of service. (CVE-2010-1085) Ang Way Chuang discovered that the DVB driver did not correctly handle certain MPEG2-TS frames. An attacker could exploit this by delivering specially crafted frames to monopolize CPU resources, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1086) Trond Myklebust discovered that NFS did not correctly handle truncation under certain conditions. A local attacker with write access to an NFS share could exploit this to crash the system, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1087) Al Viro discovered that automount of NFS did not correctly handle symlinks under certain conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 6.06 LTS and Ubuntu 10.04 LTS were not affected.) (CVE-2010-1088) Matt McCutchen discovered that ReiserFS did not correctly protect xattr files in the .reiserfs_priv directory. A local attacker could exploit this to gain root privileges or crash the system, leading to a denial of service. (CVE-2010-1146) Eugene Teo discovered that CIFS did not correctly validate arguments when creating new files. A local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges if mmap_min_addr was not set. (CVE-2010-1148) Catalin Marinas and Tetsuo Handa discovered that the TTY layer did not correctly release process IDs. A local attacker could exploit this to consume kernel resources, leading to a denial of service. (CVE-2010-1162) Neil Horman discovered that TIPC did not correctly check its internal state. A local attacker could send specially crafted packets via AF_TIPC that would cause the system to crash, leading to a denial of service. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1187) Masayuki Nakagawa discovered that IPv6 did not correctly handle certain settings when listening. If a socket were listening with the IPV6_RECVPKTINFO flag, a remote attacker could send specially crafted traffic that would cause the system to crash, leading to a denial of service. (Only Ubuntu 6.06 LTS was affected.) (CVE-2010-1188) Oleg Nesterov discovered that the Out-Of-Memory handler did not correctly handle certain arrangements of processes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-1488). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46811
    published 2010-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46811
    title Ubuntu 10.04 LTS : linux regression (USN-947-2)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0147.NASL
    description Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially crafted SCTP packet to a target system, resulting in a denial of service. (CVE-2010-0008, Important) * a missing boundary check was found in the do_move_pages() function in the memory migration functionality in the Linux kernel. A local user could use this flaw to cause a local denial of service or an information leak. (CVE-2010-0415, Important) * a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function in the Linux kernel. An attacker on the local network could trigger this flaw by sending IPv6 traffic to a target system, leading to a system crash (kernel OOPS) if dst->neighbour is NULL on the target system when receiving an IPv6 packet. (CVE-2010-0437, Important) * a NULL pointer dereference flaw was found in the ext4 file system code in the Linux kernel. A local attacker could use this flaw to trigger a local denial of service by mounting a specially crafted, journal-less ext4 file system, if that file system forced an EROFS error. (CVE-2009-4308, Moderate) * an information leak was found in the print_fatal_signal() implementation in the Linux kernel. When '/proc/sys/kernel/print-fatal-signals' is set to 1 (the default value is 0), memory that is reachable by the kernel could be leaked to user-space. This issue could also result in a system crash. Note that this flaw only affected the i386 architecture. (CVE-2010-0003, Moderate) * missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. (CVE-2010-0007, Low) Bug fixes : * a bug prevented Wake on LAN (WoL) being enabled on certain Intel hardware. (BZ#543449) * a race issue in the Journaling Block Device. (BZ#553132) * programs compiled on x86, and that also call sched_rr_get_interval(), were silently corrupted when run on 64-bit systems. (BZ#557684) * the RHSA-2010:0019 update introduced a regression, preventing WoL from working for network devices using the e1000e driver. (BZ#559335) * adding a bonding interface in mode balance-alb to a bridge was not functional. (BZ#560588) * some KVM (Kernel-based Virtual Machine) guests experienced slow performance (and possibly a crash) after suspend/resume. (BZ#560640) * on some systems, VF cannot be enabled in dom0. (BZ#560665) * on systems with certain network cards, a system crash occurred after enabling GRO. (BZ#561417) * for x86 KVM guests with pvclock enabled, the boot clocks were registered twice, possibly causing KVM to write data to a random memory area during the guest's life. (BZ#561454) * serious performance degradation for 32-bit applications, that map (mmap) thousands of small files, when run on a 64-bit system. (BZ#562746) * improved kexec/kdump handling. Previously, on some systems under heavy load, kexec/kdump was not functional. (BZ#562772) * dom0 was unable to boot when using the Xen hypervisor on a system with a large number of logical CPUs. (BZ#562777) * a fix for a bug that could potentially cause file system corruption. (BZ#564281) * a bug caused infrequent cluster issues for users of GFS2. (BZ#564288) * gfs2_delete_inode failed on read-only file systems. (BZ#564290) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 46270
    published 2010-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46270
    title RHEL 5 : kernel (RHSA-2010:0147)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2011-0003.NASL
    description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. f. vCenter Server third-party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. g. ESX third-party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. h. ESXi third-party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. i. ESX third-party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. j. ESX third-party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Notes : - The update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1 and in a previous ESX 4.0 patch release. - The update also addresses CVE-2010-2240 for ESX 4.0.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 51971
    published 2011-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51971
    title VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-947-1.NASL
    description It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. (Only affected Ubuntu 6.06 LTS.) (CVE-2009-4271) It was discovered that the r8169 network driver did not correctly check the size of Ethernet frames. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2009-4537) Wei Yongjun discovered that SCTP did not correctly validate certain chunks. A remote attacker could send specially crafted traffic to monopolize CPU resources, leading to a denial of service. (Only affected Ubuntu 6.06 LTS.) (CVE-2010-0008) It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Processes in the guest OS with access to IO regions could gain further privileges within the guest OS. (Did not affect Ubuntu 6.06 LTS.) (CVE-2010-0298, CVE-2010-0306, CVE-2010-0419) Evgeniy Polyakov discovered that IPv6 did not correctly handle certain TUN packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0437) Sachin Prabhu discovered that GFS2 did not correctly handle certain locks. A local attacker with write access to a GFS2 filesystem could exploit this to crash the system, leading to a denial of service. (CVE-2010-0727) Jamie Strandboge discovered that network virtio in KVM did not correctly handle certain high-traffic conditions. A remote attacker could exploit this by sending specially crafted traffic to a guest OS, causing the guest to crash, leading to a denial of service. (Only affected Ubuntu 8.04 LTS.) (CVE-2010-0741) Marcus Meissner discovered that the USB subsystem did not correctly handle certain error conditions. A local attacker with access to a USB device could exploit this to read recently used kernel memory, leading to a loss of privacy and potentially root privilege escalation. (CVE-2010-1083) Neil Brown discovered that the Bluetooth subsystem did not correctly handle large amounts of traffic. A physically proximate remote attacker could exploit this by sending specially crafted traffic that would consume all available system memory, leading to a denial of service. (Ubuntu 6.06 LTS and 10.04 LTS were not affected.) (CVE-2010-1084) Jody Bruchon discovered that the sound driver for the AMD780V did not correctly handle certain conditions. A local attacker with access to this hardward could exploit the flaw to cause a system crash, leading to a denial of service. (CVE-2010-1085) Ang Way Chuang discovered that the DVB driver did not correctly handle certain MPEG2-TS frames. An attacker could exploit this by delivering specially crafted frames to monopolize CPU resources, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1086) Trond Myklebust discovered that NFS did not correctly handle truncation under certain conditions. A local attacker with write access to an NFS share could exploit this to crash the system, leading to a denial of service. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1087) Al Viro discovered that automount of NFS did not correctly handle symlinks under certain conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 6.06 LTS and Ubuntu 10.04 LTS were not affected.) (CVE-2010-1088) Matt McCutchen discovered that ReiserFS did not correctly protect xattr files in the .reiserfs_priv directory. A local attacker could exploit this to gain root privileges or crash the system, leading to a denial of service. (CVE-2010-1146) Eugene Teo discovered that CIFS did not correctly validate arguments when creating new files. A local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges if mmap_min_addr was not set. (CVE-2010-1148) Catalin Marinas and Tetsuo Handa discovered that the TTY layer did not correctly release process IDs. A local attacker could exploit this to consume kernel resources, leading to a denial of service. (CVE-2010-1162) Neil Horman discovered that TIPC did not correctly check its internal state. A local attacker could send specially crafted packets via AF_TIPC that would cause the system to crash, leading to a denial of service. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1187) Masayuki Nakagawa discovered that IPv6 did not correctly handle certain settings when listening. If a socket were listening with the IPV6_RECVPKTINFO flag, a remote attacker could send specially crafted traffic that would cause the system to crash, leading to a denial of service. (Only Ubuntu 6.06 LTS was affected.) (CVE-2010-1188) Oleg Nesterov discovered that the Out-Of-Memory handler did not correctly handle certain arrangements of processes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-1488). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 46810
    published 2010-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46810
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : linux, linux-source-2.6.15 vulnerabilities (USN-947-1)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2011-0003_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - Apache Tomcat - Apache Tomcat Manager - cURL - Java Runtime Environment (JRE) - Kernel - Microsoft SQL Express - OpenSSL - pam_krb5
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89674
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89674
    title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check)
oval via4
accepted 2013-04-29T04:01:02.853-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.
family unix
id oval:org.mitre.oval:def:10061
status accepted
submitted 2010-07-09T03:56:16-04:00
title The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.
version 18
redhat via4
advisories
  • bugzilla
    id 564290
    title 1916556 - GFS2 gfs2_delete_inode failing on RO filesystem [rhel-5.4.z]
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment kernel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147002
        • comment kernel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099003
      • AND
        • comment kernel-PAE is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147020
        • comment kernel-PAE is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099019
      • AND
        • comment kernel-PAE-devel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147022
        • comment kernel-PAE-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099017
      • AND
        • comment kernel-debug is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147008
        • comment kernel-debug is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070993007
      • AND
        • comment kernel-debug-devel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147012
        • comment kernel-debug-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070993013
      • AND
        • comment kernel-devel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147014
        • comment kernel-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099011
      • AND
        • comment kernel-doc is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147024
        • comment kernel-doc is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099021
      • AND
        • comment kernel-headers is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147004
        • comment kernel-headers is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099005
      • AND
        • comment kernel-kdump is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147018
        • comment kernel-kdump is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099015
      • AND
        • comment kernel-kdump-devel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147016
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099013
      • AND
        • comment kernel-xen is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147006
        • comment kernel-xen is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099007
      • AND
        • comment kernel-xen-devel is earlier than 0:2.6.18-164.15.1.el5
          oval oval:com.redhat.rhsa:tst:20100147010
        • comment kernel-xen-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070099009
    rhsa
    id RHSA-2010:0147
    released 2010-03-16
    severity Important
    title RHSA-2010:0147: kernel security and bug fix update (Important)
  • rhsa
    id RHSA-2010:0161
rpms
  • kernel-0:2.6.18-164.15.1.el5
  • kernel-PAE-0:2.6.18-164.15.1.el5
  • kernel-PAE-devel-0:2.6.18-164.15.1.el5
  • kernel-debug-0:2.6.18-164.15.1.el5
  • kernel-debug-devel-0:2.6.18-164.15.1.el5
  • kernel-devel-0:2.6.18-164.15.1.el5
  • kernel-doc-0:2.6.18-164.15.1.el5
  • kernel-headers-0:2.6.18-164.15.1.el5
  • kernel-kdump-0:2.6.18-164.15.1.el5
  • kernel-kdump-devel-0:2.6.18-164.15.1.el5
  • kernel-xen-0:2.6.18-164.15.1.el5
  • kernel-xen-devel-0:2.6.18-164.15.1.el5
refmap via4
bugtraq 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
confirm
mlist
  • [oss-security] 20100211 CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference
  • [oss-security] 20100304 Re: CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference
secunia
  • 39033
  • 43315
statements via4
contributor Vincent Danen
lastmodified 2010-03-25
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2010-0437. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4, as they do not include support for Optimistic Duplicate Address Detection (DAD) in IPv6. This was addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-9419.html. A future update in Red Hat Enterprise MRG may address this flaw.
Last major update 19-03-2012 - 00:00
Published 24-03-2010 - 09:34
Last modified 10-10-2018 - 15:52
Back to Top