Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2402
HistoryNov 09, 2007 - 12:00 a.m.

Linux Kernel IEEE80211 HDRLen处理远程拒绝服务漏洞

2007-11-0900:00:00
Root
www.seebug.org
20

0.144 Low

EPSS

Percentile

95.8%

JSON

BUGTRAQ ID: 26337
CVE(CAN) ID: CVE-2007-4997

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel在IEEE80211协议的实现上存在漏洞,远程攻击者可能利用此漏洞导致服务器崩溃。

Linux Kernel的net/ieee80211/ieee80211_rx.c文件中的ieee80211_rx()函数没有检查skb->len >= hdrlen,如果远程攻击者发送的帧中设置了IEEE80211_STYPE_QOS_DATA标签的话,就会在以下代码中触发双字节整数溢出:

if (frag != 0)
flen -= hdrlen;

内核可能会变得忙碌或崩溃。

Linux kernel < 2.6.22.1
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.22.11.tar.gz” target=“_blank”>http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.22.11.tar.gz</a>

Related

nvd 1
ubuntucve 1
veracode 1
prion 1
cvelist 1
cve 1
nessus 18
openvas 27
securityvulns 4
oraclelinux 3
redhat 2
centos 1
suse 3
debian 2
osv 1
ubuntu 3
nvd
nvd
CVE-2007-4997
2007-11-06 19:46:00
ubuntucve
ubuntucve
CVE-2007-4997
2007-11-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:22:00
prion
prion
Integer overflow
2007-11-06 19:46:00
cvelist
cvelist
CVE-2007-4997
2007-11-06 19:00:00
cve
cve
CVE-2007-4997
2007-11-06 19:46:00
nessus
nessus
Oracle Linux 4 : kernel (ELSA-2007-1104)
2013-07-12 00:00:00
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
2012-08-01 00:00:00
Mandrake Linux Security Advisory : kernel (MDKSA-2007:232)
2009-04-23 00:00:00
openvas
openvas
Mandriva Update for kernel MDKSA-2007:226 (kernel)
2009-04-09 00:00:00
Mandriva Update for kernel MDKSA-2007:232 (kernel)
2009-04-09 00:00:00
RedHat Update for kernel RHSA-2007:1104-01
2009-03-06 00:00:00
securityvulns
securityvulns
[ MDKSA-2007:232 ] - Updated kernel packages fix multiple vulnerabilities and bugs
2007-11-29 00:00:00
Linux multiple security vulnerabilities
2007-11-29 00:00:00
Linux kernel multiple security vulnrabilities
2008-01-13 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2007-12-20 00:00:00
Important: kernel security update
2007-11-30 00:00:00
Updated kernel packages for Oracle Enterprise Linux 4.7
2008-08-01 00:00:00
redhat
redhat
(RHSA-2007:1104) Important: kernel security and bug fix update
2007-12-19 00:00:00
(RHSA-2007:0993) Important: kernel security update
2007-11-29 00:00:00
centos
centos
kernel security update
2007-12-21 16:37:34
suse
suse
remote denial of service in kernel
2007-11-09 16:00:31
remote denial of service in kernel
2007-12-04 11:58:44
local privilege escalation in kernel
2008-02-07 11:18:53
debian
debian
[SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-11 05:51:52
[SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-12 04:11:50
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2007-12-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2007-12-19 00:00:00
Linux kernel vulnerabilities
2008-02-14 00:00:00
Linux kernel vulnerabilities
2008-02-04 00:00:00

0.144 Low

EPSS

Percentile

95.8%

JSON
Related for SSV:2402
nvd1ubuntucve1veracode1prion1cvelist1cve1nessus18openvas27securityvulns4oraclelinux3redhat2centos1suse3debian2osv1ubuntu3