Upstream information
Description
The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 4.4 |
| Vector | AV:L/AC:M/Au:S/C:N/I:N/A:C |
| Access Vector | Local |
| Access Complexity | Medium |
| Authentication | Single |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
SUSE Security Advisories:
- SUSE-SA:2007:029, published Thu, 03 May 2007 18:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 02:40:12 2013CVE page last modified: Fri Dec 8 16:20:07 2023