Rapid7 Vulnerability & Exploit Database

SUSE-SA:2007:021: Linux kernel

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE-SA:2007:021: Linux kernel

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

03/16/2007

Created

07/25/2018

Added

04/05/2007

Modified

11/18/2015

Description

The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

Solution(s)

References

https://attackerkb.com/topics/cve-2006-2936
19033
21353
21604
21835
21883
22316
22539
22625
CVE - 2006-2936
CVE - 2006-5749
CVE - 2006-5751
CVE - 2006-5753
CVE - 2006-6106
CVE - 2007-0006
CVE - 2007-0772
DSA-1184
DSA-1233
DSA-1304
DSA-1503
27119
33020
33022
OVAL10151
OVAL10265
OVAL10891
OVAL9371
OVAL9829
RHSA-2006:0617
RHSA-2007:0014
RHSA-2007:0085
RHSA-2007:0099
SUSE-SA:2006:079
SUSE-SA:2007:018
SUSE-SA:2007:021
SUSE-SA:2007:030
SUSE-SA:2007:035
SUSE-SA:2007:053
http://bugzilla.kernel.org/show_bug.cgi?id=7727
http://fedoranews.org/cms/node/2739
http://fedoranews.org/cms/node/2740
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:150
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:151
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:012
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:025
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:040
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:047
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:060
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:078
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.5
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18.4
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.1
http://lkml.org/lkml/2007/1/3/150
http://marc.theaimsgroup.com/?l=linux-kernel&m=116614741607528&w=2
http://marc.theaimsgroup.com/?l=linux-kernel&m=116648929829440&w=2
http://projects.info-pull.com/mokb/MOKB-29-11-2006.html
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm
http://www.debian.org/security/2006/dsa-1184
http://www.debian.org/security/2007/dsa-1304
http://www.debian.org/security/2008/dsa-1503
http://www.frsirt.com/english/advisories/2006/2841
http://www.frsirt.com/english/advisories/2006/4781
http://www.frsirt.com/english/advisories/2006/5037
http://www.frsirt.com/english/advisories/2007/0660
http://www.kernel.org/git/?p=linux/kernel/git/gregkh/patches.git;a=blob;h=4b4d9cfea17618b80d3ac785b701faeaf60141f1;hb=396eb2aac550ec55856c6843ef9017e800c3d656
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;h=4c61a7e0a86e1ae9e16867f9f8e4b0412b8edbaf;hp=4e4119a1213925568b8a1acdef9bf52b98b19da3;hb=ba8379b220509e9448c00a77cf6c15ac2a559cc7;f=net/bridge/br_ioctl.c
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ba8379b220509e9448c00a77cf6c15ac2a559cc7
http://www.kernel.org/git/?p=linux/kernel/git/wtarreau/linux-2.4.git;a=commitdiff;h=05dca9b77f99d80cf615075624666106d5b61727
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://www.mandriva.com/security/advisories?name=MDKSA-2007:002
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
http://www.mandriva.com/security/advisories?name=MDKSA-2007:040
http://www.mandriva.com/security/advisories?name=MDKSA-2007:047
http://www.mandriva.com/security/advisories?name=MDKSA-2007:060
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
http://www.securityfocus.com/archive/1/471457
http://www.securityfocus.com/archive/1/archive/1/440300/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/453681/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/459615/100/0/threaded
http://www.trustix.org/errata/2007/0002/
http://www.ubuntu.com/usn/usn-331-1
http://www.ubuntu.com/usn/usn-346-1
http://www.ubuntu.com/usn/usn-395-1
http://www.ubuntu.com/usn/usn-416-1
http://www.ubuntu.com/usn/usn-451-1
http://www.us.debian.org/security/2006/dsa-1233
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197610
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218602
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495
https://issues.rpath.com/browse/RPL-1063
https://issues.rpath.com/browse/RPL-1097
https://issues.rpath.com/browse/RPL-1106
https://issues.rpath.com/browse/RPL-803
https://issues.rpath.com/browse/RPL-837
https://issues.rpath.com/browse/RPL-848
27807
30588
30912
32578

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;