Wind River Support Network

HomeOther DownloadsSecurity Advisory - linux kernel - CVE-2007-1388
Recommended Type: Patch

Security Advisory - linux kernel - CVE-2007-1388

Released: Nov 16, 2008     Updated: Nov 16, 2008

Description

The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service (oops) by calling setsockopt with the IPV6_RTHDR option name and possibly a zero option length or invalid option value, which triggers a NULL pointer dereference. IDENTIFIER = WIND00115959


Product Version

Linux Platforms 1.x

Downloads


Installation Notes

Installation Notes

WIND00116080.zip is for 1.5

1. Unzip the patch under [install_dir]/updates

2. Install the patch CD by entering the patch CD directory and run setup_linux.

3. This is a source only patch so you will have to build the kernel

4. Issue a make fs and make the kernel in a configured directory.

5. Upload the kernel and rootfs into the target and boot it up.


Live chat
Online