CVE-2008-2136— Linux Kernel ipip6_rcv()函数远程拒绝服务漏洞

EPSS 23.49% · P96 更新于 2026-02-21

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2008-2136 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Linux Kernel ipip6_rcv()函数远程拒绝服务漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux Kernel的net/ipv6/sit.c文件中的ipip6_rcv函数中存在内存泄露漏洞，如果远程攻击者向简单Internet传输(SIT)隧道接口发送了与pskb_may_pull、kfree_skb函数和skb引用计数管理相关的恶意网络通讯的话，就可能触发这个漏洞，导致耗尽内存。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
-	n/a	n/a	-

二、漏洞 CVE-2008-2136 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2008-2136 的情报信息

Please 登录 to view more intelligence information

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.3x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0169x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.5x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2008-362.htmx_refsource_CONFIRM
http://secunia.com/advisories/31341third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30276third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/33201third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30818third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31107third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/33280third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31198third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/29235vdb-entryx_refsource_BID
http://secunia.com/advisories/30241third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30368third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30198third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31628third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30962third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/30499third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31689third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1020118vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2008/dsa-1588vendor-advisoryx_refsource_DEBIAN
http://www.vupen.com/english/advisories/2008/1716/referencesvdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/1543/referencesvdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2008-0973.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0585.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0787.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0607.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167vendor-advisoryx_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2008-0612.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00294.htmlvendor-advisoryx_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6503vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11038vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/42451vdb-entryx_refsource_XF
http://marc.info/?l=linux-netdev&m=121031533024912&w=2mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2008-2136

同批安全公告 · n/a · 2008-05-16 · 共 34 条

CVE-2008-2269		AustinSmoke GasTracker Cookie Parameter 认证绕过漏洞
CVE-2008-2009		Xiph.org Libvorbis 安全漏洞
CVE-2008-2165		Cisco BBSM AccesCodeStart.asp文件跨站脚本漏洞
CVE-2008-2263		Kalptaru Infotech Automated Link Exchange Portal 'linking.page.php' SQL注入漏洞
CVE-2008-2264		CyrixMED 'index.php' 跨站脚本攻击漏洞
CVE-2008-2265		EMO Realty Manager 'news.php' SQL注入漏洞
CVE-2008-2266		UUDeview 'uulib/uunconc.c' 不安全临时文件创建漏洞
CVE-2008-2267		CMS Made Simple 'modules/FileManager/postlet/javaUpload.php' 任意本地文件上传漏洞
CVE-2008-2268		Mjguest 'interface/redirect.htm.php'开放重定向漏洞
CVE-2008-1748		Cisco Unified Communications Manager 输入验证错误漏洞
CVE-2008-2270		Kostenloses Linkmanagementscript 'template\index.php' 多个远程文件包含漏洞
CVE-2008-2271		Drupal 权限许可和访问控制问题漏洞
CVE-2008-2272		Aruba Mobility Controller 跨站脚本漏洞
CVE-2008-2273		Aruba Mobility Controller绕过认证及跨站脚本漏洞
CVE-2008-2274		TYPO3 Frontend User Registration Extension 跨站脚本攻击漏洞
CVE-2008-2275		TYPO3 Frontend User Registration Extension 未明漏洞
CVE-2008-2276		Mantis多个输入验证漏洞
CVE-2008-2277		Feedback and Rating Script 'detail.php' SQL注入漏洞
CVE-2008-1747		Cisco Unified Communications Manager 输入验证错误漏洞
CVE-2008-1746		Cisco Unified Communications Manager SNMP消息代理服务拒绝服务漏洞

显示前 20 条，共 34 条。查看全部 → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-2136

暂无评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2008-2136— Linux Kernel ipip6_rcv()函数远程拒绝服务漏洞

一、漏洞 CVE-2008-2136 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2008-2136 的公开POC

三、漏洞 CVE-2008-2136 的情报信息

同批安全公告 · n/a · 2008-05-16 · 共 34 条

IV. Related Vulnerabilities

V. Comments for CVE-2008-2136

发表评论

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2008-2136— Linux Kernel ipip6_rcv()函数远程拒绝服务漏洞

一、 漏洞 CVE-2008-2136 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2008-2136 的公开POC

三、漏洞 CVE-2008-2136 的情报信息

同批安全公告 · n/a · 2008-05-16 · 共 34 条

IV. Related Vulnerabilities

V. Comments for CVE-2008-2136

发表评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2008-2136 基础信息