CVE-2007-6282
Published: 8 May 2008
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
From the Ubuntu Security Team
Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| hardy |
Released
(2.6.24-19.36)
|
|
| upstream |
Released
(2.6.25~rc9)
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-52.69)
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| upstream |
Released
(2.6.25~rc9)
|
|
|
linux-source-2.6.20 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Released
(2.6.20-17.37)
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| upstream |
Released
(2.6.25~rc9)
|
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Does not exist
|
|
| gutsy |
Released
(2.6.22-15.56)
|
|
| hardy |
Does not exist
|
|
| upstream |
Released
(2.6.25~rc9)
|