CVE - CVE-2007-1861

CVE-ID
CVE-2007-1861	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:23677 URL:http://www.securityfocus.com/bid/23677 BUGTRAQ:20070508 FLEA-2007-0016-1: kernel URL:http://www.securityfocus.com/archive/1/467939/30/6690/threaded BUGTRAQ:20070615 rPSA-2007-0124-1 kernel xen URL:http://www.securityfocus.com/archive/1/471457 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.8 CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=237913 CONFIRM:https://issues.rpath.com/browse/RPL-1309 DEBIAN:DSA-1289 URL:http://www.debian.org/security/2007/dsa-1289 MANDRIVA:MDKSA-2007:171 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:171~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:11616 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11616 REDHAT:RHSA-2007:0347 URL:http://www.redhat.com/support/errata/RHSA-2007-0347.html SECUNIA:25030 URL:http://secunia.com/advisories/25030 SECUNIA:25083 URL:http://secunia.com/advisories/25083 SECUNIA:25228 URL:http://secunia.com/advisories/25228 SECUNIA:25288 URL:http://secunia.com/advisories/25288 SECUNIA:25691 URL:http://secunia.com/advisories/25691 SECUNIA:25961 URL:http://secunia.com/advisories/25961 SECUNIA:26133 URL:http://secunia.com/advisories/26133 SECUNIA:26139 URL:http://secunia.com/advisories/26139 SECUNIA:26620 URL:http://secunia.com/advisories/26620 SUSE:SUSE-SA:2007:043 URL:http://www.novell.com/linux/security/advisories/2007_43_kernel.html UBUNTU:USN-486-1 URL:http://www.ubuntu.com/usn/usn-486-1 UBUNTU:USN-489-1 URL:http://www.ubuntu.com/usn/usn-489-1 VUPEN:ADV-2007-1595 URL:~~http://www.vupen.com/english/advisories/2007/1595~~ (Obsolete source) XF:kernel-netlinkfiblookup-dos(34014) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34014
Assigning CNA
Red Hat, Inc.
Date Record Created
20070404	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070404)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)