漏洞信息详情
Linux Kernel 'ipv6_hop_jumbo()' 远程拒绝服务漏洞
- CNNVD编号:CNNVD-201001-263
- 危害等级: 高危
- CVE编号: CVE-2010-0006
- 漏洞类型: 输入验证
- 发布时间: 2010-01-26
- 威胁类型: 远程
- 更新时间: 2010-01-27
- 厂 商: linux
- 漏洞来源: Olli Jarva Tuomo U...
漏洞简介
Linux kernel 2.6.32.4以前的版本的net/ipv6/exthdrs.c中的ipv6_hop_jumbo函数, 在网络命名攻击被激活时,远程攻击着可以借助一个无效的IPv6 jumbogram,造成拒绝服务(空指针提领)。该漏洞与CVE-2007-4567相关。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: Ubuntu Ubuntu Linux 9.10 sparc Ubuntu block-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/block-modules-2.6.31-19-spar c64-di_2.6.31-19.56_sparc.udeb Ubuntu crypto-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/crypto-modules-2.6.31-19-spa rc64-di_2.6.31-19.56_sparc.udeb Ubuntu fat-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/fat-modules-2.6.31-19-sparc6 4-di_2.6.31-19.56_sparc.udeb Ubuntu firewire-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/firewire-core-modules-2.6.31 -19-sparc64-di_2.6.31-19.56_sparc.udeb Ubuntu fs-core-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/fs-core-modules-2.6.31-19-sp arc64-di_2.6.31-19.56_sparc.udeb Ubuntu fs-secondary-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/fs-secondary-modules-2.6.31- 19-sparc64-di_2.6.31-19.56_sparc.udeb Ubuntu input-modules-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/input-modules-2.6.31-19-spar c64-di_2.6.31-19.56_sparc.udeb Ubuntu kernel-image-2.6.31-19-sparc64-di_2.6.31-19.56_sparc.udeb http://ports.ubuntu.com/pool/main/l/linux/kernel-image-2.6.31-19-sparc 64-di_2.6.31-19.56_sparc.udeb Ubuntu linux-doc_2.6.31-19.56_all.deb http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc_2.6.31-1 9.56_all.deb Ubuntu linux-ec2-doc_2.6.31-304.10_all.deb http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-doc_ 2.6.31-304.10_all.deb Ubuntu linux-ec2-source-2.6.31_2.6.31-304.10_all.deb http://security.ubuntu.com/ubuntu/pool/main/l/linux-ec2/linux-ec2-sour ce-2.6.31_2.6.31-304.10_all.deb
参考网址
来源: bugzilla.redhat.com 链接:https://bugzilla.redhat.com/show_bug.cgi?id=555217 来源: BID 名称: 37810 链接:http://www.securityfocus.com/bid/37810 来源: OSVDB 名称: 61876 链接:http://www.osvdb.org/61876 来源: MLIST 名称: [oss-security] 20100114 CVE-2010-0006 - kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo() 链接:http://www.openwall.com/lists/oss-security/2010/01/14/2 来源: www.kernel.org 链接:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4 来源: security-tracker.debian.org 链接:http://security-tracker.debian.org/tracker/CVE-2010-0006 来源: SECUNIA 名称: 38333 链接:http://secunia.com/advisories/38333 来源: SECUNIA 名称: 38168 链接:http://secunia.com/advisories/38168 来源: MLIST 名称: [linux-netdev] 20100114 [PATCH]: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo(). 链接:http://marc.info/?l=linux-netdev&m=126343325807340&w=2 来源: FEDORA 名称: FEDORA-2010-0919 链接:http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.HTML 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2570a4f5428bcdb1077622342181755741e7fa60 来源: MISC 链接:http://cert.fi/en/reports/2010/vulnerability341748.HTML 来源: bugs.gentoo.org 链接:http://bugs.gentoo.org/show_bug.cgi?id=300951 来源:NSFOCUS 名称:14412 链接:http://www.nsfocus.net/vulndb/14412
受影响实体
- Linux Linux_kernel:2.6.32.4
- Linux Linux_kernel:2.6.32.3
- Linux Linux_kernel:2.6.32.2
- Linux Linux_kernel:2.6.32.1
- Linux Linux_kernel:2.6.32:Rc5
补丁
- parport-modules-2.6.31-19-generic-di_2.6.31-19.56_i386
- nic-shared-modules-2.6.31-19-generic-di_2.6.31-19.56_i386
- fat-modules-2.6.31-19-generic-di_2.6.31-19.56_amd64
- kernel-image-2.6.31-19-generic-di_2.6.31-19.56_amd64
- linux-image-2.6.31-304-ec2_2.6.31-304.10_amd64
评论