CVE-2007-1592
Published: 22 March 2007
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-29.58)
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Released
(2.6.20-16.31)
|
|
upstream |
Needs triage
|
|
linux-source-2.6.17 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Released
(2.6.17.1-12.40)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|