CVE-2007-1861

Linux Kernel < 2.6.20.8 - Denial of Service via NETLINK_FIB_LOOKUP Replies

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1861. PoCs published by Alexey Kuznetsov.

AI-analyzed exploit summary This exploit triggers a denial-of-service vulnerability in the Linux kernel by sending a malformed NETLINK message, causing an infinite-recursion stack overflow. It targets versions prior to 2.6.20.8.

Description

The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Alexey Kuznetsov · cdoslinux
https://www.exploit-db.com/exploits/29916

This exploit triggers a denial-of-service vulnerability in the Linux kernel by sending a malformed NETLINK message, causing an infinite-recursion stack overflow. It targets versions prior to 2.6.20.8.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Linux kernel < 2.6.20.8
No auth needed
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (24)

Core 24
Core References
Patch x_refsource_confirm
https://issues.rpath.com/browse/RPL-1309
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0347.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/467939/30/6690/threaded
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25030
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23677
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34014
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1289
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25288
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25083
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26620
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1595
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-489-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25228
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/471457
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25961
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11616
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-486-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25691
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26139
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26133

Scores

EPSS 0.0102
EPSS Percentile 59.0%

Details

CWE
CWE-399
Status published
Products (50)
linux/linux_kernel 2.6.0
linux/linux_kernel 2.6.1
linux/linux_kernel 2.6.2
linux/linux_kernel 2.6.3
linux/linux_kernel 2.6.4
linux/linux_kernel 2.6.5
linux/linux_kernel 2.6.6
linux/linux_kernel 2.6.7
linux/linux_kernel 2.6.8
linux/linux_kernel 2.6.8.1
... and 40 more
Published May 07, 2007
Tracked Since Feb 18, 2026