Vulnerability CVE-2007-1000: Information

Description

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

Severity: HIGH (7.2)

URL: https://nvd.nist.gov/vuln/detail/CVE-2007-1000

Published: March 13, 2007

Modified: Oct. 11, 2017

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
usbip	sisyphus	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed
usbip	sisyphus_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7452-1	-	Fixed
usbip	p10	5.10-alt1	5.10-alt1	ALT-PU-2023-1903-1	320461	Fixed
usbip	p10_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7498-1	-	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://bugzilla.kernel.org/show_bug.cgi?id=8134
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2
22904	Exploit Patch
FEDORA-2007-335
FEDORA-2007-336
VU#920689	US Government Resource
33025
24518
24777
https://issues.rpath.com/browse/RPL-1153
24901
RHSA-2007:0169
25080
SUSE-SA:2007:029
25099
20070615 rPSA-2007-0124-1 kernel xen
http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
MDKSA-2007:078
USN-486-1
USN-489-1
25691
24493
26133
26139
ADV-2007-0907
oval:org.mitre.oval:def:10015

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End including
  2.6.20.1

Version: v24.5.0

Vulnerability CVE-2007-1000: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1