CVE-2007-5501

Published Nov 15, 2007
Last updated a month ago
CVSS info 7.8
Overview

Description: The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.
Source: secalert@redhat.com
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-399
Hype score: Not currently trending
Vendor comments

Red HatNot vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1F60C33-3CEA-45F0-97FA-18C029270190"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "247E13CB-9B11-4B64-80AD-C0F8482CCC0E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "903FE5D3-A9FB-466D-833B-448233BB0803"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "958EDC43-0848-4D93-9D07-6A085A5940B0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD35F21D-0A28-4C14-BCF5-8EDA760701C0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AAD8BE9-A05B-40E8-80DF-0B2878968BD6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96A43C95-8569-40BE-9E5B-F9B3D0B9D188"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABD70B2B-9827-4DBB-B82D-0B70C2D4AB1F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99662904-E5E3-4E81-B199-39707EAEB652"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AAA75FD-FBF0-4D0D-9485-9CC19559DD66"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "053D359F-F2DA-47DB-9DD1-B49811DFF620"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39CBD1BA-B8A9-404D-9E94-5E643EE313CA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6465E61D-0238-4ED3-B4CB-E3B93F4F324F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "830B8340-2B8F-4F0A-8943-F4413411573C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D123AAFE-3F17-45C4-9382-BA392FD022C4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0C256E6-2691-4478-A51C-DE580A717AB9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61A3EDF2-09D7-4116-AE46-D86E4B9602AC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12A55028-B8F9-4AD2-AE57-A80D561F3C79"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C4E641C-67D4-4599-8EFB-0B2F8D81D68C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70460F6C-D6C0-4C1A-B13E-368705EAF223"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F26BA18-08AD-45FE-9F83-25CCB2E27270"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EBFF148-3EDA-4216-910B-8930D8C443C2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "648C63F7-EA1D-4F2E-B8AF-1F380C83E542"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1697B855-4834-4633-A5C8-C1F7F13ACE0D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FBAE75F-9145-4B9A-A6D8-E488C5326145"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5990C6C2-2F66-4C4D-8224-74163865F410"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A45A9B9-4B19-4A5B-BC95-BCBC4EF00F12"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C23AD176-3B99-4593-BCBD-13C1E579A13E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "034DFD7F-8919-4245-8480-7B272F591271"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CEBC606-6488-48CE-8AA8-5B8CC724D5D0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A83C60AF-50A9-480E-860D-45E80AC0A6B7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E249774-CE05-43D5-A5A3-7CCE24BB2AD9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D42BA44-C69B-4170-9867-CABF93CA9BD6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6BCD075-9FCE-496C-9807-3A13998129B1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "460BC48C-1598-4739-A64B-A2350BC6BD28"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7700AB42-8543-4FA5-9BAF-EF2F126E9375"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8C31F2D-385F-46CF-8F04-61157EE35013"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3588EB36-674F-49FB-A51C-0B52F8BFD9D4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C93A9E4-08DA-44D2-B6D9-76BD287FA5DC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:rc9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5575728-D466-4CC9-95BA-8CA433D19566"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "085259B8-9D41-42B0-B32B-66B8D365F106"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References
