Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | 2.4.0 (including) | 2.4.36.5 (excluding) |
| Linux_kernel | Linux | 2.6.0 (including) | 2.6.25.3 (excluding) |
| Linux | Ubuntu | hardy | * |
| Linux | Ubuntu | upstream | * |
| Linux-source-2.6.15 | Ubuntu | dapper | * |
| Linux-source-2.6.15 | Ubuntu | upstream | * |
| Linux-source-2.6.20 | Ubuntu | feisty | * |
| Linux-source-2.6.20 | Ubuntu | upstream | * |
| Linux-source-2.6.22 | Ubuntu | gutsy | * |
| Linux-source-2.6.22 | Ubuntu | upstream | * |
| MRG for RHEL-5 | RedHat | kernel-rt-0:2.6.24.7-74.el5rt | * |
| Red Hat Enterprise Linux 2.1 | RedHat | kernel-0:2.4.18-e.67 | * |
| Red Hat Enterprise Linux 2.1 | RedHat | kernel-0:2.4.9-e.74 | * |
| Red Hat Enterprise Linux 3 | RedHat | kernel-0:2.4.21-58.EL | * |
| Red Hat Enterprise Linux 4 | RedHat | kernel-0:2.6.9-67.0.22.EL | * |
| Red Hat Enterprise Linux 5 | RedHat | kernel-0:2.6.18-92.1.10.el5 | * |