CVE - CVE-2007-2172

CVE-ID
CVE-2007-2172	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:23447 URL:http://www.securityfocus.com/bid/23447 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35 CONFIRM:http://www.mail-archive.com/git-commits-head@vger.kernel.org/msg08269.html CONFIRM:http://www.mail-archive.com/git-commits-head@vger.kernel.org/msg08270.html DEBIAN:DSA-1356 URL:http://www.debian.org/security/2007/dsa-1356 DEBIAN:DSA-1363 URL:http://www.debian.org/security/2007/dsa-1363 DEBIAN:DSA-1503 URL:http://www.debian.org/security/2008/dsa-1503 DEBIAN:DSA-1504 URL:http://www.debian.org/security/2008/dsa-1504 MANDRIVA:MDKSA-2007:171 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:171~~ (Obsolete source) MANDRIVA:MDKSA-2007:196 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:196~~ (Obsolete source) MANDRIVA:MDKSA-2007:216 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:216~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:10764 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10764 REDHAT:RHSA-2007:0347 URL:http://www.redhat.com/support/errata/RHSA-2007-0347.html REDHAT:RHSA-2007:0488 URL:http://rhn.redhat.com/errata/RHSA-2007-0488.html REDHAT:RHSA-2007:1049 URL:http://www.redhat.com/support/errata/RHSA-2007-1049.html REDHAT:RHSA-2008:0787 URL:http://www.redhat.com/support/errata/RHSA-2008-0787.html SECUNIA:25068 URL:http://secunia.com/advisories/25068 SECUNIA:25288 URL:http://secunia.com/advisories/25288 SECUNIA:25392 URL:http://secunia.com/advisories/25392 SECUNIA:25838 URL:http://secunia.com/advisories/25838 SECUNIA:26289 URL:http://secunia.com/advisories/26289 SECUNIA:26450 URL:http://secunia.com/advisories/26450 SECUNIA:26620 URL:http://secunia.com/advisories/26620 SECUNIA:26647 URL:http://secunia.com/advisories/26647 SECUNIA:27913 URL:http://secunia.com/advisories/27913 SECUNIA:29058 URL:http://secunia.com/advisories/29058 SECUNIA:33280 URL:http://secunia.com/advisories/33280 UBUNTU:USN-464-1 URL:http://www.ubuntu.com/usn/usn-464-1 VUPEN:ADV-2007-2690 URL:~~http://www.vupen.com/english/advisories/2007/2690~~ (Obsolete source) XF:kernel-dnfibprops-fibprops-dos(33979) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/33979
Assigning CNA
MITRE Corporation
Date Record Created
20070422	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070422)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)