CVE-2007-2172
Published Apr 22, 2007
Last updated a year ago
Overview
- Description
- A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.7
- Impact score
- 6.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FDADBBD-FCAE-4A5A-9B7D-14EF90D2DAB1",
"versionEndExcluding": "2.4.35",
"versionStartIncluding": "2.4.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F9EB73D-5DB8-46DE-995B-1FB161D93275",
"versionEndIncluding": "2.6.20",
"versionStartIncluding": "2.6.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8CBD2D9-3765-40B2-A056-D71BE750CC01"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8F4D967-ED04-42EA-8B3E-36301D39D651"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C498EE89-7F07-4B1E-90E6-5897E6B04670"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "708656AF-92AE-4EAF-AF19-F457DB04ADB7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B263AB8-74A4-4C73-915C-A02724C24B45"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A96D739B-9E8B-4D2F-9DED-4C9B313473CC"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ACDEFEE-B946-4232-8BD5-A9F7AA84ED85"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1F60C33-3CEA-45F0-97FA-18C029270190"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "247E13CB-9B11-4B64-80AD-C0F8482CCC0E"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "903FE5D3-A9FB-466D-833B-448233BB0803"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "958EDC43-0848-4D93-9D07-6A085A5940B0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
}
],
"operator": "OR"
}
]
}
]