LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

mipv6-daemon: multiple vulnerabilities

Package(s):mipv6-daemon CVE #(s):CVE-2010-2522 CVE-2010-2523
Created:August 17, 2010 Updated:October 25, 2010
Description: From the Fedora advisory:

This update fixes two security problems in mipv6-daemon: I) CVE-2010-2522: The origin of netlink messages sent to mipv6-daemon was not verified, allowing for local users to spoof netlink messages and thus influence the behaviour of mipv6-daemon. II) CVE-2010-2523: A specially crafted ND_OPT_PREFIX_INFORMATION or ND_OPT_HOME_AGENT_INFO packet could be used to exploit a buffer overflow in mipv6-daemon.

Alerts:
SUSE SUSE-SR:2010:019 2010-10-25
Fedora FEDORA-2010-11143 2010-07-15
Fedora FEDORA-2010-11152 2010-07-15
openSUSE openSUSE-SU-2010:0736-1 2010-10-18
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds