nvd-json-data-feeds/CVE-2007/CVE-2007-21xx/CVE-2007-2172.json

{
  "id": "CVE-2007-2172",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2007-04-22T19:19:00.000",
  "lastModified": "2023-11-07T02:00:33.590",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an \"out of bound access\" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions."
    },
    {
      "lang": "es",
      "value": "Un error tipogr\u00e1fico en el Kernel de Linux versi\u00f3n 2.6 anterior a 2.6.21-rc6 y versi\u00f3n 2.4 anterior a 2.4.35 hace que RTA_MAX se utilice como un tama\u00f1o de matriz en lugar de RTN_MAX, lo que conlleva a un \"out of bound access\" mediante las funciones (1) dn_fib_props (dn_fib.c, DECNet) y (2) fib_props (fib_semantics.c, IPv4)."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
          "accessVector": "LOCAL",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.7
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.4,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.4.0",
              "versionEndExcluding": "2.4.35",
              "matchCriteriaId": "1FDADBBD-FCAE-4A5A-9B7D-14EF90D2DAB1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.6.0",
              "versionEndIncluding": "2.6.20",
              "matchCriteriaId": "7F9EB73D-5DB8-46DE-995B-1FB161D93275"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git1:*:*:*:*:*:*",
              "matchCriteriaId": "C8CBD2D9-3765-40B2-A056-D71BE750CC01"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git2:*:*:*:*:*:*",
              "matchCriteriaId": "A8F4D967-ED04-42EA-8B3E-36301D39D651"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git3:*:*:*:*:*:*",
              "matchCriteriaId": "C498EE89-7F07-4B1E-90E6-5897E6B04670"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git4:*:*:*:*:*:*",
              "matchCriteriaId": "708656AF-92AE-4EAF-AF19-F457DB04ADB7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git5:*:*:*:*:*:*",
              "matchCriteriaId": "3B263AB8-74A4-4C73-915C-A02724C24B45"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git6:*:*:*:*:*:*",
              "matchCriteriaId": "A96D739B-9E8B-4D2F-9DED-4C9B313473CC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:git7:*:*:*:*:*:*",
              "matchCriteriaId": "4ACDEFEE-B946-4232-8BD5-A9F7AA84ED85"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "08A6E33E-5847-45DA-B9C9-79A7C5C877D6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B1F60C33-3CEA-45F0-97FA-18C029270190"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "247E13CB-9B11-4B64-80AD-C0F8482CCC0E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "903FE5D3-A9FB-466D-833B-448233BB0803"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "958EDC43-0848-4D93-9D07-6A085A5940B0"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
              "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0488.html",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/25068",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/25288",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/25392",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/25838",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/26289",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/26450",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/26620",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/26647",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/27913",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/29058",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/33280",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.debian.org/security/2007/dsa-1356",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.debian.org/security/2007/dsa-1363",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.debian.org/security/2008/dsa-1503",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.debian.org/security/2008/dsa-1504",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08269.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.mail-archive.com/git-commits-head%40vger.kernel.org/msg08270.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1049.html",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0787.html",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/23447",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/usn-464-1",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2007/2690",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33979",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10764",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}