CVE-2009-1360

Upstream information

CVE-2009-1360 at MITRE

Description

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	7.1
Vector	AV:N/AC:M/Au:N/C:N/I:N/A:C
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Complete

SUSE Bugzilla entry: 496399 [RESOLVED / FIXED]

SUSE Security Advisories:

• SUSE-SA:2009:032, published Tue, 09 Jun 2009 11:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server for SAP Applications 11	ext4dev-kmp-default >= 0_2.6.27.23_0.1-7.1.7 ext4dev-kmp-pae >= 0_2.6.27.23_0.1-7.1.7 ext4dev-kmp-ppc64 >= 0_2.6.27.23_0.1-7.1.7 ext4dev-kmp-vmi >= 0_2.6.27.23_0.1-7.1.7 ext4dev-kmp-xen >= 0_2.6.27.23_0.1-7.1.7 iscsitarget-kmp-default >= 0.4.15_2.6.27.54_0.2-94.14.8 kernel-default >= 2.6.27.23-0.1.1 kernel-default-base >= 2.6.27.23-0.1.1 kernel-default-man >= 2.6.27.23-0.1.1 kernel-kdump >= 2.6.27.23-0.1.1 kernel-pae >= 2.6.27.23-0.1.1 kernel-pae-base >= 2.6.27.23-0.1.1 kernel-ppc64 >= 2.6.27.23-0.1.1 kernel-ppc64-base >= 2.6.27.23-0.1.1 kernel-source >= 2.6.27.23-0.1.1 kernel-syms >= 2.6.27.23-0.1.1 kernel-vmi >= 2.6.27.23-0.1.1 kernel-vmi-base >= 2.6.27.23-0.1.1 kernel-xen >= 2.6.27.23-0.1.1 kernel-xen-base >= 2.6.27.23-0.1.1 oracleasm-kmp-default >= 2.0.5_2.6.27.54_0.2-7.9.1	Patchnames: slessp0-kernel

---

SUSE Timeline for this CVE

CVE page created: Tue Jul 9 16:25:12 2013
CVE page last modified: Tue Nov 29 11:49:04 2022