Vulnerability Name:

CVE-2007-6151 (CCN-39368)

Assigned:2007-12-01
Published:2007-12-01
Updated:2017-09-29
Summary:The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
CVSS v3 Severity:6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
CWE-119
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2007-6151

Source: CCN
Type: The Linux Kernel Archives Web site
I4L: fix isdn_ioctl memory overrun vulnerability

Source: CONFIRM
Type: Exploit
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eafe1aa37e6ec2d56f14732b5240c4dd09f0613a

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:007

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:017

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:032

Source: CCN
Type: VMware Security-Announce Mailing List, Mon Jul 28 18:11:35 PDT 2008
VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix

Source: MLIST
Type: UNKNOWN
[Security-announce] 20080728 VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix

Source: CCN
Type: RHSA-2008-0055
Important: kernel security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0055

Source: CCN
Type: RHSA-2008-0211
Important: kernel security and bug fix update

Source: CCN
Type: RHSA-2008-0787
Important: kernel security update

Source: CCN
Type: RHSA-2009-0001
Important: kernel security update

Source: SECUNIA
Type: UNKNOWN
28626

Source: SECUNIA
Type: UNKNOWN
28706

Source: SECUNIA
Type: UNKNOWN
28748

Source: SECUNIA
Type: UNKNOWN
28889

Source: SECUNIA
Type: UNKNOWN
28971

Source: SECUNIA
Type: UNKNOWN
29058

Source: SECUNIA
Type: UNKNOWN
29570

Source: SECUNIA
Type: UNKNOWN
30110

Source: SECUNIA
Type: UNKNOWN
30962

Source: CCN
Type: SA31246
VMware ESX Server update for Samba and vmnix

Source: SECUNIA
Type: UNKNOWN
31246

Source: SECUNIA
Type: UNKNOWN
33280

Source: CCN
Type: ASA-2008-102
kernel security and bug fix update (RHSA-2008-0055)

Source: CCN
Type: ASA-2008-203
kernel security and bug fix update (RHSA-2008-0211)

Source: CCN
Type: ASA-2009-005
kernel security update (RHSA-2009-0001)

Source: CCN
Type: ASA-2009-035
kernel security update (RHSA-2008-0787)

Source: DEBIAN
Type: UNKNOWN
DSA-1479

Source: DEBIAN
Type: UNKNOWN
DSA-1503

Source: DEBIAN
Type: UNKNOWN
DSA-1504

Source: DEBIAN
Type: DSA-1479
linux-2.6 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1503
kernel-source-2.4.27 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1504
kernel-source-2.6.8 -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:086

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:112

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0211

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0787

Source: BID
Type: UNKNOWN
27497

Source: CCN
Type: BID-27497
Linux Kernel 'isdn_common.c' Local Buffer Overflow Vulnerability

Source: CCN
Type: USN-574-1
Linux kernel vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-574-1

Source: CCN
Type: USN-578-1
Linux kernel vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-578-1

Source: VUPEN
Type: UNKNOWN
ADV-2008-2222

Source: XF
Type: UNKNOWN
linux-kernel-isdnioctl-dos(39368)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10971

Source: SUSE
Type: SUSE-SA:2008:007
Linux Kernel Security Problem

Source: SUSE
Type: SUSE-SA:2008:017
Linux kernel security update

Source: SUSE
Type: SUSE-SA:2008:032
SUSE Linux Enterprise 10 SP1 Linux kernel

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:2.6.23:-:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:2.6.23:-:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20076151
    V
    		CVE-2007-6151
    2015-11-16
    oval:org.mitre.oval:def:17238
    P
    		USN-574-1 -- linux-source-2.6.17/20/22 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17639
    P
    		USN-578-1 -- linux-source-2.6.15 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:8130
    P
    		DSA-1504 kernel-source-2.6.8 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:18770
    P
    		DSA-1479-1 linux-2.6
    2014-06-23
    oval:org.mitre.oval:def:7654
    P
    		DSA-1479 linux-2.6 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8063
    P
    		DSA-1503 kernel-source-2.4.27 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:10971
    V
    		The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
    2013-04-29
    oval:com.redhat.rhsa:def:20080211
    P
    		RHSA-2008:0211: kernel security and bug fix update (Important)
    2008-05-07
    oval:org.debian:def:1504
    V
    		several vulnerabilities
    2008-02-22
    oval:org.debian:def:1503
    V
    		several vulnerabilities
    2008-02-22
    oval:com.redhat.rhsa:def:20080055
    P
    		RHSA-2008:0055: kernel security and bug fix update (Important)
    2008-01-31
    oval:org.debian:def:1479
    V
    		several vulnerabilities
    2008-01-29
    BACK
    linux linux kernel 2.6.23
    linux linux kernel 2.6.23
    suse linux enterprise server 8
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    novell open enterprise server *
    redhat linux advanced workstation 2.1
    canonical ubuntu 6.06
    suse suse linux 10.1
    suse linux enterprise server 9
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux 2007.1
    debian debian linux 4.0
    canonical ubuntu 7.04
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2007.1
    redhat enterprise linux 4.6.z ga
    redhat enterprise linux 4.6.z ga
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    vmware esx server 3.5