Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 176717 - Kernel: Fib_Semantics.C Out Of Bounds Access Vulnerability (CVE-2007-2172)
Summary: Kernel: Fib_Semantics.C Out Of Bounds Access Vulnerability (CVE-2007-2172)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.securityfocus.com/bid/2344...
Whiteboard: [linux < 2.6.21][gp < 2.6.21-1]
Keywords:
Depends on:
Blocks:
 
Reported: 2007-05-01 18:30 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2013-09-03 03:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-01 18:30:33 UTC
The Linux kernel is prone to an out-of-bounds-access vulnerability. This issue occurs because the semantics for IPv4 Forwarding Information Base fail to adequately bounds-check user-supplied data before accessing an array.

An attacker can exploit this issue to cause denial-of-service conditions. Arbitrary code execution may also be possible, but this has not been confirmed.

Versions prior to 2.6.21-rc6 are vulnerable.
Comment 1 unnamedrambler 2008-03-08 19:39:38 UTC
metadata:
[linux < 2.6.21] a0ee18b9b7d3847976c6fb315c06a34fb296de0e
[gp < 2.6.21-1]