Vulnerability Details : CVE-2007-6151
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2007-6151
- cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*
Threat overview for CVE-2007-6151
Top countries where our scanners detected CVE-2007-6151
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2007-6151 19
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2007-6151!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2007-6151
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-6151
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2007-6151
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-6151
-
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
502 Bad Gateway
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:112
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10971
-
http://rhn.redhat.com/errata/RHSA-2008-0055.html
-
http://www.debian.org/security/2008/dsa-1479
-
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:032) - openSUSE Security Announce - openSUSE Mailing Lists
-
http://www.redhat.com/support/errata/RHSA-2008-0211.html
Support
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eafe1aa37e6ec2d56f14732b5240c4dd09f0613a
Exploit
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:086
-
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
-
http://www.ubuntu.com/usn/usn-574-1
-
http://www.debian.org/security/2008/dsa-1503
-
http://www.debian.org/security/2008/dsa-1504
-
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
-
http://www.securityfocus.com/bid/27497
-
http://www.redhat.com/support/errata/RHSA-2008-0787.html
-
http://www.vupen.com/english/advisories/2008/2222/references
Site en construction
-
http://www.ubuntu.com/usn/usn-578-1
Jump to