Bug 250429 - (CVE-2007-2172) CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Don Howard
Martin Jenner
: Security
Depends On: 384471 384481 384491 384501 384511 384521 384531
  Show dependency treegraph
Reported: 2007-08-01 11:56 EDT by Marcel Holtmann
Modified: 2011-09-28 14:04 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-09-28 14:04:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Marcel Holtmann 2007-08-01 11:56:57 EDT
The Linux kernel is prone to an out-of-bounds-access vulnerability. This issue
occurs because the semantics for IPv4 Forwarding Information Base fail to
adequately bounds-check user-supplied data before accessing an array.

An attacker can exploit this issue to cause denial-of-service conditions.
Arbitrary code execution may also be possible, but this has not been confirmed.
Comment 1 Don Howard 2007-11-14 04:25:11 EST
A patch for this issue has been included in build 2.4.21-53.EL.

Note You need to log in before you can comment on or make changes to this bug.