|Description||Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 18.104.22.168 and 2.6 before 22.214.171.124 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
|NVD severity||high (attack range: remote)|
The information below is based on the following data on fixed versions.
Upstream commit: 36ca34cc3b8335eb1fe8bd9a1d0a2592980c3f02, part of 126.96.36.199