CVE-2007-5501

{"id": "CVE-2007-5501", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-11-15T20:46:00.000", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38", "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html", "source": "secalert@redhat.com"}, {"url": "http://lwn.net/Articles/258947/", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/27664", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/27703", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/27888", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/27919", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/27922", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28170", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/28706", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/29245", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc3", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.novell.com/linux/security/advisories/2007_63_kernel.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/26474", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-558-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-574-1", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2007/3902", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38548", "source": "secalert@redhat.com"}, {"url": "https://issues.rpath.com/browse/RPL-1965", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html", "source": "secalert@redhat.com"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lwn.net/Articles/258947/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27664", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27703", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27888", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27919", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27922", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28170", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28706", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/29245", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.24-rc3", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:044", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.novell.com/linux/security/advisories/2007_63_kernel.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26474", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/usn-558-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/usn-574-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/3902", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38548", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://issues.rpath.com/browse/RPL-1965", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference."}, {"lang": "es", "value": "La funci\u00f3n tcp_sacktag_write_queue en el archivo net/ipv4/tcp_input.c en el kernel de Linux versiones 2.6.21 hasta 2.6.23.7 ??y versiones 2.6.24-rc hasta 2.6.24-rc2, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de respuestas ACK dise\u00f1adas que desencadenan una desreferencia del puntero"}], "lastModified": "2024-11-21T00:38:02.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1F60C33-3CEA-45F0-97FA-18C029270190"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "247E13CB-9B11-4B64-80AD-C0F8482CCC0E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "903FE5D3-A9FB-466D-833B-448233BB0803"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "958EDC43-0848-4D93-9D07-6A085A5940B0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD35F21D-0A28-4C14-BCF5-8EDA760701C0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AAD8BE9-A05B-40E8-80DF-0B2878968BD6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96A43C95-8569-40BE-9E5B-F9B3D0B9D188"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABD70B2B-9827-4DBB-B82D-0B70C2D4AB1F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99662904-E5E3-4E81-B199-39707EAEB652"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AAA75FD-FBF0-4D0D-9485-9CC19559DD66"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "053D359F-F2DA-47DB-9DD1-B49811DFF620"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39CBD1BA-B8A9-404D-9E94-5E643EE313CA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6465E61D-0238-4ED3-B4CB-E3B93F4F324F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "830B8340-2B8F-4F0A-8943-F4413411573C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D123AAFE-3F17-45C4-9382-BA392FD022C4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0C256E6-2691-4478-A51C-DE580A717AB9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A3EDF2-09D7-4116-AE46-D86E4B9602AC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12A55028-B8F9-4AD2-AE57-A80D561F3C79"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C4E641C-67D4-4599-8EFB-0B2F8D81D68C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70460F6C-D6C0-4C1A-B13E-368705EAF223"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F26BA18-08AD-45FE-9F83-25CCB2E27270"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EBFF148-3EDA-4216-910B-8930D8C443C2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "648C63F7-EA1D-4F2E-B8AF-1F380C83E542"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1697B855-4834-4633-A5C8-C1F7F13ACE0D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FBAE75F-9145-4B9A-A6D8-E488C5326145"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5990C6C2-2F66-4C4D-8224-74163865F410"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A45A9B9-4B19-4A5B-BC95-BCBC4EF00F12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C23AD176-3B99-4593-BCBD-13C1E579A13E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "034DFD7F-8919-4245-8480-7B272F591271"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CEBC606-6488-48CE-8AA8-5B8CC724D5D0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A83C60AF-50A9-480E-860D-45E80AC0A6B7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E249774-CE05-43D5-A5A3-7CCE24BB2AD9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D42BA44-C69B-4170-9867-CABF93CA9BD6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6BCD075-9FCE-496C-9807-3A13998129B1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "460BC48C-1598-4739-A64B-A2350BC6BD28"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7700AB42-8543-4FA5-9BAF-EF2F126E9375"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8C31F2D-385F-46CF-8F04-61157EE35013"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3588EB36-674F-49FB-A51C-0B52F8BFD9D4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C93A9E4-08DA-44D2-B6D9-76BD287FA5DC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5575728-D466-4CC9-95BA-8CA433D19566"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "085259B8-9D41-42B0-B32B-66B8D365F106"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.", "lastModified": "2007-11-20T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}