| Vulnerability Name: | CVE-2008-2136 (CCN-42451) | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2008-05-09 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2008-05-09 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2018-10-31 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Summary: | Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count. | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-399 CWE-401 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2008-2136 Source: CONFIRM Type: Vendor Advisory http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3 Source: SUSE Type: Third Party Advisory SUSE-SA:2008:030 Source: SUSE Type: Third Party Advisory SUSE-SA:2008:032 Source: CCN Type: linux-netdev Mailing List, 2008-05-09 4:49:27 When should kfree_skb be used? Source: MLIST Type: Mailing List, Third Party Advisory [linux-kernel] 20080509 Re: When should kfree_skb be used? Source: CCN Type: RHSA-2008-0585 Important: kernel security and bug fix update Source: CCN Type: RHSA-2008-0607 Important: kernel security and bug fix update Source: CCN Type: RHSA-2008-0612 Important: kernel security and bug fix update Source: CCN Type: RHSA-2008-0787 Important: kernel security update Source: CCN Type: RHSA-2008-0973 Important: kernel security and bug fix update Source: CCN Type: RHSA-2009-0001 Important: kernel security update Source: SECUNIA Type: Third Party Advisory 30198 Source: CCN Type: SA30241 Linux Kernel Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 30241 Source: SECUNIA Type: Third Party Advisory 30276 Source: SECUNIA Type: Third Party Advisory 30368 Source: CCN Type: SA30499 Linux Kernel Denial of Service Vulnerabilities Source: SECUNIA Type: Third Party Advisory 30499 Source: SECUNIA Type: Third Party Advisory 30818 Source: SECUNIA Type: Third Party Advisory 30962 Source: SECUNIA Type: Third Party Advisory 31107 Source: SECUNIA Type: Third Party Advisory 31198 Source: SECUNIA Type: Third Party Advisory 31341 Source: SECUNIA Type: Third Party Advisory 31628 Source: CCN Type: SA31689 Avaya Products Linux Kernel Local Denial of Service Source: SECUNIA Type: Third Party Advisory 31689 Source: SECUNIA Type: Third Party Advisory 33201 Source: SECUNIA Type: Third Party Advisory 33280 Source: CCN Type: SECTRACK ID: 1020118 Linux Kernel Memory Leak in SIT Code ipip6_rcv() Lets Remote Users Deny Service Source: CONFIRM Type: Third Party Advisory http://support.avaya.com/elmodocs2/security/ASA-2008-362.htm Source: CCN Type: ASA-2008-362 kernel security and bug fix update (RHSA-2008-0607) Source: CCN Type: ASA-2009-005 kernel security update (RHSA-2009-0001) Source: CCN Type: ASA-2009-035 kernel security update (RHSA-2008-0787) Source: CONFIRM Type: Broken Link http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169 Source: DEBIAN Type: Third Party Advisory DSA-1588 Source: DEBIAN Type: DSA-1588 linux-2.6 -- denial of service Source: CCN Type: The Linux Kernel Archives Web site The Linux Kernel Archives Source: CONFIRM Type: Vendor Advisory http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5 Source: CONFIRM Type: Vendor Advisory http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3 Source: MANDRIVA Type: Third Party Advisory MDVSA-2008:167 Source: MANDRIVA Type: Third Party Advisory MDVSA-2008:174 Source: REDHAT Type: Third Party Advisory RHSA-2008:0585 Source: REDHAT Type: Third Party Advisory RHSA-2008:0607 Source: REDHAT Type: Third Party Advisory RHSA-2008:0612 Source: REDHAT Type: Third Party Advisory RHSA-2008:0787 Source: REDHAT Type: Third Party Advisory RHSA-2008:0973 Source: BID Type: Third Party Advisory, VDB Entry 29235 Source: CCN Type: BID-29235 Linux Kernel 'ipip6_rcv()' Remote Denial of Service Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1020118 Source: CCN Type: USN-625-1 Linux kernel vulnerabilities Source: UBUNTU Type: Third Party Advisory USN-625-1 Source: VUPEN Type: Third Party Advisory ADV-2008-1543 Source: VUPEN Type: Third Party Advisory ADV-2008-1716 Source: XF Type: Third Party Advisory, VDB Entry linux-kernel-ipip6rcv-dos(42451) Source: XF Type: UNKNOWN linux-kernel-ipip6rcv-dos(42451) Source: OVAL Type: Broken Link oval:org.mitre.oval:def:11038 Source: OVAL Type: Broken Link oval:org.mitre.oval:def:6503 Source: FEDORA Type: Third Party Advisory FEDORA-2008-3949 Source: SUSE Type: SUSE-SA:2008:030 Linux kernel security update Source: SUSE Type: SUSE-SA:2008:032 SUSE Linux Enterprise 10 SP1 Linux kernel | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration RedHat 7: Configuration RedHat 8: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||||||||||