Computer Security
[EN] securityvulns.ru no-pyccku


Linux IPv6 socket double memory free vulnerability
Published:29.03.2007
Source:
SecurityVulns ID:7497
Type:remote
Threat Level:
5/10
Description:Double memory free in ipv6_fl_socklist.
Affected:LINUX : kernel 2.4
 LINUX : kernel 2.6
CVE:CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double-free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod