| Vulnerability Name: | CVE-2006-0035 (CCN-24202) | ||||||||
| Assigned: | 2005-12-20 | ||||||||
| Published: | 2006-01-11 | ||||||||
| Updated: | 2017-07-20 | ||||||||
| Summary: | The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.14 and 2.6.15 allows local users to cause a denial of service (infinite loop) via a nlmsg_len field of 0. | ||||||||
| CVSS v3 Severity: | 6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
| ||||||||
| Vulnerability Type: | CWE-399 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-0035 Source: CCN Type: SA18482 Linux Kernel Multiple Denial of Service Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 18482 Source: SREASON Type: UNKNOWN 388 Source: CCN Type: The The Linux Kernel Archives Web site The Linux Kernel Archives Source: CONFIRM Type: Vendor Advisory http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ad8e4b75c8a7bed475d72ce09bf5267188621961 Source: CCN Type: The Linux Kernel Archives Web site 2.6.15.1 Changelog Source: CCN Type: OSVDB ID: 22386 Linux Kernel netlink_rcv_skb Function Crafted nlmsg_len Field DoS Source: BID Type: UNKNOWN 16414 Source: CCN Type: BID-16414 Linux Kernel Multiple Security Vulnerabilities Source: TRUSTIX Type: Patch 2006-0004 Source: VUPEN Type: Vendor Advisory ADV-2006-0220 Source: XF Type: UNKNOWN kernel-afnetlink-dos(24202) Source: XF Type: UNKNOWN kernel-afnetlink-dos(24202) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||