CVE-2006-4997

high-risk

Published 2006-10-10

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

Do I need to act?

35.0% chance of exploitation in next 30 days

EPSS score — higher than 65% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (7)

Linux Kernel

Ubuntu Linux

Enterprise Linux

Affected Vendors

Redhat Linux Canonical

References (76)

Exploit http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265

Broken Link http://secunia.com/advisories/22253

Broken Link http://secunia.com/advisories/22279

Broken Link http://secunia.com/advisories/22292

Broken Link http://secunia.com/advisories/22497

Broken Link http://secunia.com/advisories/22762

Broken Link http://secunia.com/advisories/22945

Broken Link http://secunia.com/advisories/23064

Broken Link http://secunia.com/advisories/23370

Broken Link http://secunia.com/advisories/23384

Broken Link http://secunia.com/advisories/23395

Broken Link http://secunia.com/advisories/23474

Broken Link http://secunia.com/advisories/23752

Broken Link http://secunia.com/advisories/23788

Broken Link http://secunia.com/advisories/24288

Broken Link http://secunia.com/advisories/25691

Broken Link http://securitytracker.com/id?1017526

Third Party Advisory http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm

Third Party Advisory http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm

Third Party Advisory http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm

and 56 more references

/ 100

high-risk

Severity 26/34 · High

Exploitability 16/34 · Moderate

Exposure 14/34 · Moderate