278021 – CVE-2007-4567 ipv6_hop_jumbo remote system crash

Bug 278021 - CVE-2007-4567 ipv6_hop_jumbo remote system crash

Summary: CVE-2007-4567 ipv6_hop_jumbo remote system crash

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	CVE-2007-4567
TreeView+	depends on / blocked

Reported:	2007-09-05 08:43 UTC by Marcel Holtmann
Modified:	2019-09-29 12:21 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-09-05 16:07:22 UTC
Embargoed:

Attachments	(Terms of Use)

Description Marcel Holtmann 2007-09-05 08:43:15 UTC

From Victor Julien:

There exists a way to crash the Linux kernel by sending a single IPv6 packet at it.

Comment 4 Marcel Holtmann 2007-09-05 08:52:11 UTC

Created attachment 187121 [details]
Linus thinks this patch fixed it upstream (not verified)

Comment 6 Thomas Graf 2007-09-05 15:21:47 UTC

Note, no RHEL tree is affected to this. This bug has been introduced with the
patch [IPV6]: Per-interface statistics support. which was accepted in 2.6.20
therefore the vulnerable code was never included in any of our releases.

Note You need to log in before you can comment on or make changes to this bug.