CVE-2006-4997

HIGH

Linux Kernel < 2.6.18 - Use-After-Free in ATM Subsystem

Title source: llm
STIX 2.1

Description

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

References (38)

Core 38
Core References
Exploit, Issue Tracking x_refsource_confirm
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20363
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22253
Broken Link vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0012.html
Broken Link, Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22279
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23788
Broken Link, Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22292
Broken Link vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0013.html
Broken Link, Patch vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0689.html
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017526
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23384
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23752
Broken Link vendor-advisory x_refsource_debian
http://www.us.debian.org/security/2006/dsa-1237
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22762
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24288
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23474
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23064
Broken Link vendor-advisory x_refsource_debian
http://www.us.debian.org/security/2006/dsa-1233
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23370
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3999
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm
Broken Link, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/471457
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22497
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22945
Broken Link vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0710.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-395-1
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3937
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:197
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23395
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25691
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29387

Scores

CVSS v3 7.5
EPSS 0.0460
EPSS Percentile 90.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-416
Status published
Products (7)
canonical/ubuntu_linux 5.10
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 6.10
linux/linux_kernel < 2.6.18
redhat/enterprise_linux 2.1
redhat/enterprise_linux 3
redhat/enterprise_linux 4
Published Oct 10, 2006
Tracked Since Feb 18, 2026