CVE-2007-5501
Published: 15 November 2007
The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.
Notes
Author | Note |
---|---|
kees | Ilpo Järvinen (original reporter) confirms that this is not actually exploitable |
Priority
Status
Package | Release | Status |
---|---|---|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
gutsy |
Not vulnerable
|
upstream |
Released
(2.6.23.7)
|