CVE-2007-1865 in Enterprise Linuxinfo

Summary

** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user s buffer."

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/04/2007

Disclosure

09/18/2007

Moderation

VulDB entry created

Entries

1: VDB-38827

CPE

ready

CWE

CWE-189 (Confirmed)

CVSS

4.0

EPSS

0.00056

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1865
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1865
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1865/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!