// For flags

CVE-2007-1000

Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak

Severity Score

5.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

La función ipv6_getsockopt_sticky en net/ipv6/ipv6_sockglue.c en el núcleo de Linux anterior a 2.6.20.2 permite a usuarios locales leer memoria del núcleo de su elección mediante determinadas llamadas getsockopt que disparan una referencia a NULL.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-02-16 CVE Reserved
  • 2007-03-12 CVE Published
  • 2007-07-10 First Exploit
  • 2024-08-07 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (29)
URL Tag Source
http://bugzilla.kernel.org/show_bug.cgi?id=8134 X_refsource_confirm
http://secunia.com/advisories/24493 Third Party Advisory
http://secunia.com/advisories/24518 Third Party Advisory
http://secunia.com/advisories/24777 Third Party Advisory
http://secunia.com/advisories/24901 Third Party Advisory
http://secunia.com/advisories/25080 Third Party Advisory
http://secunia.com/advisories/25099 Third Party Advisory
http://secunia.com/advisories/25691 Third Party Advisory
http://secunia.com/advisories/26133 Third Party Advisory
http://secunia.com/advisories/26139 Third Party Advisory
http://www.kb.cert.org/vuls/id/920689 Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2 X_refsource_confirm
http://www.osvdb.org/33025 Vdb Entry
http://www.securityfocus.com/archive/1/471457 Mailing List
http://www.vupen.com/english/advisories/2007/0907 Vdb Entry
http://www.wslabi.com/wabisabilabi/initPublishedBid.do? X_refsource_misc
https://issues.rpath.com/browse/RPL-1153 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10015 Signature
URL Date SRC
https://www.exploit-db.com/exploits/4172 2007-07-10
http://www.securityfocus.com/bid/22904 2024-08-07
URL Date SRC
URL Date SRC
http://fedoranews.org/cms/node/2787 2017-10-11
http://fedoranews.org/cms/node/2788 2017-10-11
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html 2017-10-11
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078 2017-10-11
http://www.redhat.com/support/errata/RHSA-2007-0169.html 2017-10-11
http://www.ubuntu.com/usn/usn-486-1 2017-10-11
http://www.ubuntu.com/usn/usn-489-1 2017-10-11
https://access.redhat.com/security/cve/CVE-2007-1000 2007-04-30
https://bugzilla.redhat.com/show_bug.cgi?id=1618290 2007-04-30
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 <= 2.6.20.1
Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.20.1"
-
Affected