QwikSec

Security Database

CVE

CWE

Training

CVE-2008-3686

Published: Aug 14, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The rt6_fill_node function in net/ipv6/route.c in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is in use, which triggers a NULL pointer dereference.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

linux-kernel-rt6fillnode-dos(44605)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

[linux-kernel] 20080807 OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e0115e500fe9dd2ca11e6f92db9123204f1327a

x_refsource_CONFIRM

[linux-kernel] 20080808 Re: OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.