CVE-2005-4635
CVSS5.0
发布时间 :2005-12-31 00:00:00
修订时间 :2011-03-07 21:28:42
NMCOS    

[原文]The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.


[CNNVD]Linux Kernel FIB_LOOKUP拒绝服务漏洞(CNNVD-200512-875)

        Linux内核2.6.15之前版本的fib_frontend.c中的nl_fib_input函数未检查标题和有效负载的有效长度,远程攻击者可通过一个有缺陷的fib_lookup netlink消息发起拒绝服务攻击(无效内存引用)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.6.12.2Linux Kernel 2.6.12.2
cpe:/o:linux:linux_kernel:2.6.0:test2Linux Kernel 2.6 test2
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.3.99:pre6Linux Kernel 2.3.99 pre6
cpe:/o:linux:linux_kernel:2.6.15:rc4Linux Kernel 2.6.15 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc4Linux Kernel 2.6.14 Release Candidate 4
cpe:/o:linux:linux_kernel:2.4.27Linux Kernel 2.4.27
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8
cpe:/o:linux:linux_kernel:2.3.99:pre3Linux Kernel 2.3.99 pre3
cpe:/o:linux:linux_kernel:2.6.11.6Linux Kernel 2.6.11.6
cpe:/o:linux:linux_kernel:2.6.8.1.5::686
cpe:/o:linux:linux_kernel:2.4.24_ow1
cpe:/o:linux:linux_kernel:2.4.0:test3Linux Kernel 2.4.0 test3
cpe:/o:linux:linux_kernel:2.4.23:pre9Linux Kernel 2.4.23 pre9
cpe:/o:linux:linux_kernel:2.6.0:test1Linux Kernel 2.6 test1
cpe:/o:linux:linux_kernel:2.6.14.2Linux Kernel 2.6.14.2
cpe:/o:linux:linux_kernel:2.6.11Linux Kernel 2.6.11
cpe:/o:linux:linux_kernel:2.6.13:rc1Linux Kernel 2.6.13 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.0:test11Linux Kernel 2.6 test11
cpe:/o:linux:linux_kernel:2.6.9:2.6.20
cpe:/o:linux:linux_kernel:2.6.0:test6Linux Kernel 2.6 test6
cpe:/o:linux:linux_kernel:2.6.13:rc7Linux Kernel 2.6.13 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.3.99:pre4Linux Kernel 2.3.99 pre4
cpe:/o:linux:linux_kernel:2.4.29:rc2Linux Kernel 2.4.29 rc2
cpe:/o:linux:linux_kernel:2.4.0:test8Linux Kernel 2.4.0 test8
cpe:/o:linux:linux_kernel:2.6.11.3Linux Kernel 2.6.11.3
cpe:/o:linux:linux_kernel:2.5.0Linux Kernel 2.5.0
cpe:/o:linux:linux_kernel:2.6.13:rc4Linux Kernel 2.6.13 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.15:rc1Linux Kernel 2.6.15 Release Candidate 1
cpe:/o:linux:linux_kernel:2.4.19:pre3Linux Kernel 2.4.19 pre3
cpe:/o:linux:linux_kernel:2.4.23_ow2
cpe:/o:linux:linux_kernel:2.6.12:rc4Linux Kernel 2.6.12 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64
cpe:/o:linux:linux_kernel:2.6.11.9Linux Kernel 2.6.11.9
cpe:/o:linux:linux_kernel:2.4.23Linux Kernel 2.4.23
cpe:/o:linux:linux_kernel:2.4.0:test10Linux Kernel 2.4.0 test10
cpe:/o:linux:linux_kernel:2.4.30:rc2Linux Kernel 2.4.30 rc2
cpe:/o:linux:linux_kernel:2.0
cpe:/o:linux:linux_kernel:2.4.30Linux Kernel 2.4.30
cpe:/o:linux:linux_kernel:2.6.12.1Linux Kernel 2.6.12.1
cpe:/o:linux:linux_kernel:2.6.0::64-bit_x86
cpe:/o:linux:linux_kernel:2.2.16:pre6Linux Kernel 2.2.16 pre6
cpe:/o:linux:linux_kernel:2.4.27:pre2Linux Kernel 2.4.27 pre2
cpe:/o:linux:linux_kernel:2.6.8:rc3Linux Kernel 2.6.8 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3_smp
cpe:/o:linux:linux_kernel:2.4.0:test12Linux Kernel 2.4.0 test12
cpe:/o:linux:linux_kernel:2.4.0:test2Linux Kernel 2.4.0 test2
cpe:/o:linux:linux_kernel:2.4.18:pre1Linux Kernel 2.4.18 pre1
cpe:/o:linux:linux_kernel:2.6.12:rc1Linux Kernel 2.6.12 Release Candidate 1
cpe:/o:linux:linux_kernel:2.4.32:pre2Linux Kernel 2.4.32 pre2
cpe:/o:linux:linux_kernel:2.6.14.4Linux Kernel 2.6.14.4
cpe:/o:linux:linux_kernel:2.4.19:pre4Linux Kernel 2.4.19 pre4
cpe:/o:linux:linux_kernel:2.4.0:test4Linux Kernel 2.4.0 test4
cpe:/o:linux:linux_kernel:2.4.27:pre4Linux Kernel 2.4.27 pre4
cpe:/o:linux:linux_kernel:2.6.1:rc1Linux Kernel 2.6.1 Release Candidate 1
cpe:/o:linux:linux_kernel:2.4.27:pre5Linux Kernel 2.4.27 pre5
cpe:/o:linux:linux_kernel:2.6.1:rc2Linux Kernel 2.6.1 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11.2Linux Kernel 2.6.11.2
cpe:/o:linux:linux_kernel:2.4.21:pre7Linux Kernel 2.4.21 pre7
cpe:/o:linux:linux_kernel:2.6.0:test4Linux Kernel 2.6 test4
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.6.6:rc1Linux Kernel 2.6.6 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12.3Linux Kernel 2.6.12.3
cpe:/o:linux:linux_kernel:2.6.11.4Linux Kernel 2.6.11.4
cpe:/o:linux:linux_kernel:2.3.99:pre1Linux Kernel 2.3.99 pre1
cpe:/o:linux:linux_kernel:2.3.99:pre5Linux Kernel 2.3.99 pre5
cpe:/o:linux:linux_kernel:2.6.3Linux Kernel 2.6.3
cpe:/o:linux:linux_kernel:2.6.11.12Linux Kernel 2.6.11.12
cpe:/o:linux:linux_kernel:2.6.0:test8Linux Kernel 2.6 test8
cpe:/o:linux:linux_kernel:2.4.31:pre1Linux Kernel 2.4.31 pre1
cpe:/o:linux:linux_kernel:2.4.19:pre5Linux Kernel 2.4.19 pre5
cpe:/o:linux:linux_kernel:2.2.0Linux Kernel 2.2
cpe:/o:linux:linux_kernel:2.4.30:rc3Linux Kernel 2.4.30 rc3
cpe:/o:linux:linux_kernel:2.6.0:test10Linux Kernel 2.6 test10
cpe:/o:linux:linux_kernel:2.4.0:test6Linux Kernel 2.4.0 test6
cpe:/o:linux:linux_kernel:2.4.25Linux Kernel 2.4.25
cpe:/o:linux:linux_kernel:2.4.31Linux Kernel 2.4.31
cpe:/o:linux:linux_kernel:2.3.99:pre7Linux Kernel 2.3.99 pre7
cpe:/o:linux:linux_kernel:2.6.11:rc2Linux Kernel 2.6.11 Release Candidate 2
cpe:/o:linux:linux_kernel:2.1
cpe:/o:linux:linux_kernel:2.6.15:rc7Linux Kernel 2.6.15 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.15:rc5Linux Kernel 2.6.15 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.7:rc1Linux Kernel 2.6.7 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.13.3Linux Kernel 2.6.13.3
cpe:/o:linux:linux_kernel:2.4.22:pre10Linux Kernel 2.4.22 pre10
cpe:/o:linux:linux_kernel:2.6.15:rc3Linux Kernel 2.6.15 Release Candidate 3
cpe:/o:linux:linux_kernel:2.3.99:pre2Linux Kernel 2.3.99 pre2
cpe:/o:linux:linux_kernel:2.6.0:test9Linux Kernel 2.6 test9
cpe:/o:linux:linux_kernel:2.4.18:pre5Linux Kernel 2.4.18 pre5
cpe:/o:linux:linux_kernel:2.2.25Linux Kernel 2.2.25
cpe:/o:linux:linux_kernel:2.6.0:test5Linux Kernel 2.6 test5
cpe:/o:linux:linux_kernel:2.0.9.9
cpe:/o:linux:linux_kernel:2.6.13.2Linux Kernel 2.6.13.2
cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6
cpe:/o:linux:linux_kernel:2.4.28Linux Kernel 2.4.28
cpe:/o:linux:linux_kernel:2.6.14:rc3Linux Kernel 2.6.14 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1Linux Kernel 2.6.8.1
cpe:/o:linux:linux_kernel:2.6.12Linux Kernel 2.6.12
cpe:/o:linux:linux_kernel:2.6.11:rc3Linux Kernel 2.6.11 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.11:rc4Linux Kernel 2.6.11 Release Candidate 4
cpe:/o:linux:linux_kernel:2.4.29:rc1Linux Kernel 2.4.29 rc1
cpe:/o:linux:linux_kernel:2.4.19:pre6Linux Kernel 2.4.19 pre6
cpe:/o:linux:linux_kernel:2.4.0:test7Linux Kernel 2.4.0 test7
cpe:/o:linux:linux_kernel:2.6.14:rc1Linux Kernel 2.6.14 Release Candidate 1
cpe:/o:linux:linux_kernel:2.4.21:pre1Linux Kernel 2.4.21 pre1
cpe:/o:linux:linux_kernel:2.4.27:pre3Linux Kernel 2.4.27 pre3
cpe:/o:linux:linux_kernel:2.4.18:pre3Linux Kernel 2.4.18 pre3
cpe:/o:linux:linux_kernel:2.4.32:pre1Linux Kernel 2.4.32 pre1
cpe:/o:linux:linux_kernel:2.6.0:test7Linux Kernel 2.6 test7
cpe:/o:linux:linux_kernel:2.6.13.1Linux Kernel 2.6.13.1
cpe:/o:linux:linux_kernel:2.4.19:pre2Linux Kernel 2.4.19 pre2
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7
cpe:/o:linux:linux_kernel:2.6.12:rc5Linux Kernel 2.6.12 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8_smp
cpe:/o:linux:linux_kernel:2.6.8.1.5::686_smp
cpe:/o:linux:linux_kernel:2.3.0Linux Kernel 2.3
cpe:/o:linux:linux_kernel:2.6.15:rc6Linux Kernel 2.6.15 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.12.5Linux Kernel 2.6.12.5
cpe:/o:linux:linux_kernel:2.4.18::x86
cpe:/o:linux:linux_kernel:2.6.13.4Linux Kernel 2.6.13.4
cpe:/o:linux:linux_kernel:2.6.5Linux Kernel 2.6.5
cpe:/o:linux:linux_kernel:2.6.7Linux Kernel 2.6.7
cpe:/o:linux:linux_kernel:2.4.18:pre7Linux Kernel 2.4.18 pre7
cpe:/o:linux:linux_kernel:2.4.0:test9Linux Kernel 2.4.0 test9
cpe:/o:linux:linux_kernel:2.6.12.6Linux Kernel 2.6.12.6
cpe:/o:linux:linux_kernel:2.6.11:rc1Linux Kernel 2.6.11 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12.4Linux Kernel 2.6.12.4
cpe:/o:linux:linux_kernel:2.4.0:test11Linux Kernel 2.4.0 test11
cpe:/o:linux:linux_kernel:2.6_test9_cvs
cpe:/o:linux:linux_kernel:2.6.14:rc2Linux Kernel 2.6.14 Release Candidate 2
cpe:/o:linux:linux_kernel:2.2.15:pre16Linux Kernel 2.2.15 pre16
cpe:/o:linux:linux_kernel:2.4.27:pre1Linux Kernel 2.4.27 pre1
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_xeon
cpe:/o:linux:linux_kernel:2.6.11.8Linux Kernel 2.6.11.8
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7_smp
cpe:/o:linux:linux_kernel:2.4.24Linux Kernel 2.4.24
cpe:/o:linux:linux_kernel:2.2.15_pre20
cpe:/o:linux:linux_kernel:2.6.4Linux Kernel 2.6.4
cpe:/o:linux:linux_kernel:2.6.8.1.5::386
cpe:/o:linux:linux_kernel:2.6.13Linux Kernel 2.6.13
cpe:/o:linux:linux_kernel:2.4.18:pre4Linux Kernel 2.4.18 pre4
cpe:/o:linux:linux_kernel:2.6.8:rc2Linux Kernel 2.6.8 Release Candidate 2
cpe:/o:linux:linux_kernel:2.4.18:pre8Linux Kernel 2.4.18 pre8
cpe:/o:linux:linux_kernel:2.2.27:rc2Linux Kernel 2.2.27 rc2
cpe:/o:linux:linux_kernel:2.6.11.5Linux Kernel 2.6.11.5
cpe:/o:linux:linux_kernel:2.6.10:rc2Linux Kernel 2.6.10 Release Candidate 2
cpe:/o:linux:linux_kernel:2.4.18:pre6Linux Kernel 2.4.18 pre6
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc_smp
cpe:/o:linux:linux_kernel:2.4.21:pre4Linux Kernel 2.4.21 pre4
cpe:/o:linux:linux_kernel:2.6.0::itanium_ia64_montecito
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4_smp
cpe:/o:linux:linux_kernel:2.6.8.1.5
cpe:/o:linux:linux_kernel:2.4.0:test5Linux Kernel 2.4.0 test5
cpe:/o:linux:linux_kernel:2.6.2Linux Kernel 2.6.2
cpe:/o:linux:linux_kernel:2.6.8:rc1Linux Kernel 2.6.8 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.11.11Linux Kernel 2.6.11.11
cpe:/o:linux:linux_kernel:2.4.19:pre1Linux Kernel 2.4.19 pre1
cpe:/o:linux:linux_kernel:2.4.18:pre2Linux Kernel 2.4.18 pre2
cpe:/o:linux:linux_kernel:2.6.11.7Linux Kernel 2.6.11.7
cpe:/o:linux:linux_kernel:2.6.10Linux Kernel 2.6.10
cpe:/o:linux:linux_kernel:2.6.14Linux Kernel 2.6.14
cpe:/o:linux:linux_kernel:2.4.26Linux Kernel 2.4.26
cpe:/o:linux:linux_kernel:2.6.0:test3Linux Kernel 2.6 test3
cpe:/o:linux:linux_kernel:2.6.8Linux Kernel 2.6.8
cpe:/o:linux:linux_kernel:2.6.11.1Linux Kernel 2.6.11.1
cpe:/o:linux:linux_kernel:2.6.14.1Linux Kernel 2.6.14.1
cpe:/o:linux:linux_kernel:2.6.14.3Linux Kernel 2.6.14.3
cpe:/o:linux:linux_kernel:2.6.13:rc6Linux Kernel 2.6.13 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.6Linux Kernel 2.6.6
cpe:/o:linux:linux_kernel:2.4.29Linux Kernel 2.4.29
cpe:/o:linux:linux_kernel:2.6.11.10Linux Kernel 2.6.11.10
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4635
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4635
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-875
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/16139
(PATCH)  BID  16139
http://secunia.com/advisories/18216
(VENDOR_ADVISORY)  SECUNIA  18216
http://www.vupen.com/english/advisories/2006/0035
(UNKNOWN)  VUPEN  ADV-2006-0035
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15
(UNKNOWN)  CONFIRM  http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea86575eaf99a9262a969309d934318028dbfacb
(UNKNOWN)  MISC  http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea86575eaf99a9262a969309d934318028dbfacb
http://www.novell.com/linux/security/advisories/2006_06_kernel.html
(UNKNOWN)  SUSE  SUSE-SA:2006:006
http://secunia.com/advisories/18788
(UNKNOWN)  SECUNIA  18788

- 漏洞信息

Linux Kernel FIB_LOOKUP拒绝服务漏洞
中危 其他
2005-12-31 00:00:00 2006-01-12 00:00:00
远程  
        Linux内核2.6.15之前版本的fib_frontend.c中的nl_fib_input函数未检查标题和有效负载的有效长度,远程攻击者可通过一个有缺陷的fib_lookup netlink消息发起拒绝服务攻击(无效内存引用)。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2.6.13-15.8.ppc.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default-2.6.13-15.8.x86_64.rpm
        tp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-ioemu-3.0_8259-0.1.x86_64.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/Intel-536ep-4.69-14.3.i586.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-nongpl-2.6.13-15.8.i586.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/xen-3.0_8259-0.1.i586.rpm

- 漏洞信息

22214
Linux Kernel fib_frontend.c Crafted fib_lookup Netlink Message DoS
Denial of Service
Loss of Availability
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-01-02 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.6.15 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux Kernel FIB_LOOKUP Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 16139
Yes No
2006-01-04 12:00:00 2007-01-25 04:19:00
Reported by the vendor.

- 受影响的程序版本

S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Personal 10.0 OSS
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
+ Red Hat Fedora Core4
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
+ S.u.S.E. Linux Enterprise Server 9
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.6.15

- 不受影响的程序版本

Linux kernel 2.6.15

- 漏洞讨论

Linux kernel is prone to a denial-of-service vulnerability.

This issue arises when the kernel handles specially crafted 'fib_lookup netlink' messages.

Successful exploitation may allow remote attackers to trigger a denial-of-service condition. Local exploitation may be possible as well.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Linux kernel 2.6.15 has been released to address this issue.

Please see the referenced vendor advisories for details on obtaining and applying fixes.


S.u.S.E. Linux Professional 10.0

Linux kernel 2.6.13

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站