ID:10196 - Exploit for Input validation error in Linux kernel - CVE-2007-1000

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10196 - Exploit for Input validation error in Linux kernel - CVE-2007-1000

ID:10196 - Exploit for Input validation error in Linux kernel - CVE-2007-1000

Published: July 11, 2024


Vulnerability identifier: #VU94174
Vulnerability risk: Low
CVE-ID: CVE-2007-1000
CWE-ID: CWE-20
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to execute arbitrary code.

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.


Remediation

Install update from vendor's website.