CVE-2010-0437
CVE-2010-0437
The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/33635unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugzilla.kernel.org/show_bug.cgi?id=11469http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9bhttps://bugzilla.redhat.com/show_bug.cgi?id=563781http://secunia.com/advisories/39033http://secunia.com/advisories/43315https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10061http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27http://www.openwall.com/lists/oss-security/2010/02/11/1http://www.openwall.com/lists/oss-security/2010/03/04/4http://www.redhat.com/support/errata/RHSA-2010-0147.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0161.htmlhttp://www.securityfocus.com/archive/1/516397/100/0/threaded