CVE-2007-1497 (retired)

Priority
Description
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set
nfctinfo during reassembly of fragmented packets, which leaves the default
value as IP_CT_ESTABLISHED and might allow remote attackers to bypass
certain rulesets using IPv6 fragments.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:39:46 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)