203073 – Linux =2.6.2[01] Hop-by-hop IPv6 extended header Remote DoS (CVE-2007-4567)

Bug 203073 - Linux =2.6.2[01] Hop-by-hop IPv6 extended header Remote DoS (CVE-2007-4567)

Summary: Linux =2.6.2[01] Hop-by-hop IPv6 extended header Remote DoS (CVE-2007-4567)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	[linux >= 2.6.20 < 2.6.20.19][linux >...
Keywords:

Duplicates (2):	193688 212143 (view as bug list)
Depends on:
Blocks:

Reported:	2007-12-22 20:53 UTC by Robert Buchholz (RETIRED)
Modified:	2013-09-03 05:15 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Buchholz (RETIRED) gentoo-dev

2007-12-22 20:53:31 UTC

CVE-2007-4567 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4567):
  Linux kernel 2.6.22 and earlier, and possibly other versions, does not
  properly validate the hop-by-hop IPv6 extended header, which allows remote
  attackers to cause a denial of service (kernel panic) via a crafted IPv6
  packet.

Comment 1 unnamedrambler 2008-03-21 19:20:16 UTC

[linux >= 2.6.20 < 2.6.20.19] c7110d58361373f38fc8082da64359ea70bd9ee5
[linux >= 2.6.21 < 2.6.21.2] 08a6507044dd70c326de3ea484fd6d29b8101f17
also 2.6.22 e76b2b2567b83448c2ee85a896433b96150c92e6

[gp >= 2.6.20-1 < 2.6.20-16]
[gp >= 2.6.21-1 < 2.6.21-3]




reference:
http://bugzilla.kernel.org/show_bug.cgi?id=8450

Comment 2 Robert Buchholz (RETIRED) gentoo-dev

2008-05-08 17:59:52 UTC

*** Bug 193688 has been marked as a duplicate of this bug. ***

Comment 3 Robert Buchholz (RETIRED) gentoo-dev

2008-05-08 18:00:33 UTC

*** Bug 212143 has been marked as a duplicate of this bug. ***