#VU92859 Resource management errors in Linux kernel - CVE-2008-2136

Cybersecurity Help s.r.o.

Published: 2008-05-16 | Updated: 2018-10-31

Vulnerability identifier: #VU92859

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2008-2136

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
https://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
https://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
https://marc.info/?l=linux-netdev&m=121031533024912&w=2
https://secunia.com/advisories/30198
https://secunia.com/advisories/30241
https://secunia.com/advisories/30276
https://secunia.com/advisories/30368
https://secunia.com/advisories/30499
https://secunia.com/advisories/30818
https://secunia.com/advisories/30962
https://secunia.com/advisories/31107
https://secunia.com/advisories/31198
https://secunia.com/advisories/31341
https://secunia.com/advisories/31628
https://secunia.com/advisories/31689
https://secunia.com/advisories/33201
https://secunia.com/advisories/33280
https://support.avaya.com/elmodocs2/security/ASA-2008-362.htm
https://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169
https://www.debian.org/security/2008/dsa-1588
https://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3
https://www.mandriva.com/security/advisories?name=MDVSA-2008:167
https://www.mandriva.com/security/advisories?name=MDVSA-2008:174
https://www.redhat.com/support/errata/RHSA-2008-0585.html
https://www.redhat.com/support/errata/RHSA-2008-0607.html
https://www.redhat.com/support/errata/RHSA-2008-0612.html
https://www.redhat.com/support/errata/RHSA-2008-0787.html
https://www.redhat.com/support/errata/RHSA-2008-0973.html
https://www.securityfocus.com/bid/29235
https://www.securitytracker.com/id?1020118
https://www.ubuntu.com/usn/usn-625-1
https://www.vupen.com/english/advisories/2008/1543/references
https://www.vupen.com/english/advisories/2008/1716/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42451
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11038
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6503
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00294.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management errors in Linux kernel