CVE Vulnerabilities

CVE-2005-3809

Published: Nov 25, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.14 2.6.14
Linux_kernel Linux 2.6.14 2.6.14
Linux_kernel Linux 2.6.14.3 2.6.14.3
Linux_kernel Linux 2.6.14 2.6.14
Linux_kernel Linux 2.6.14.1 2.6.14.1
Linux_kernel Linux 2.6.14 2.6.14
Linux_kernel Linux 2.6.14.2 2.6.14.2
Linux_kernel Linux 2.6.14 2.6.14

References