CVE Vulnerabilities

CVE-2008-3686

Published: Aug 14, 2008 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is in use, which triggers a NULL pointer dereference.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 2.6.26-rc4 (including) 2.6.26-rc4 (including)
Linux_kernel Linux 2.6.26.2 (including) 2.6.26.2 (including)

References