Your submission was sent successfully! Close

CVE-2007-6282

Published: 8 May 2008

The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.

From the Ubuntu security team

Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy Does not exist

hardy
Released (2.6.24-19.36)
upstream
Released (2.6.25~rc9)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-52.69)
feisty Does not exist

gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.25~rc9)
linux-source-2.6.20
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty
Released (2.6.20-17.37)
gutsy Does not exist

hardy Does not exist

upstream
Released (2.6.25~rc9)
linux-source-2.6.22
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty Does not exist

gutsy
Released (2.6.22-15.56)
hardy Does not exist

upstream
Released (2.6.25~rc9)