CVE-2006-7229 - The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_un

CVE-2006-7229

Summary

The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic.

References

http://secunia.com/advisories/28971
http://www.securityfocus.com/bid/26511
http://www.ubuntu.com/usn/usn-578-1
https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631

Vulnerable Configurations

cpe:2.3:o:ubuntu:linux_kernel:2.6.15:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:linux_kernel:2.6.15:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 05-09-2008 - 04:00)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	26511
confirm	https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.15/+bug/65631
secunia	28971
ubuntu	USN-578-1

Last major update

05-09-2008 - 04:00

Published

15-11-2007 - 00:46

Last modified

05-09-2008 - 04:00