CVE-2007-4567

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.

Published: Dec 21, 2007
Updated: Nov 9, 2025
CVE: CVE-2007-4567
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	2.6.18-rc3	2.6.18-rc3.x
linux / linux_kernel	2.6.18-rc2	2.6.18-rc2.x
linux / linux_kernel	2.4.36.6	2.4.36.6.x
linux / linux_kernel	2.6.18-rc5	2.6.18-rc5.x
linux / linux_kernel	2.6.18-rc4	2.6.18-rc4.x
linux / linux_kernel	2.6.21.6	2.6.21.6.x
linux / linux_kernel	2.4.36.2	2.4.36.2.x
linux / linux_kernel	2.6.20.16	2.6.20.16.x
linux / linux_kernel	2.6.19.4	2.6.19.4.x
linux / linux_kernel	2.6.20.21	2.6.20.21.x
linux / linux_kernel	2.4.36.1	2.4.36.1.x
linux / linux_kernel	2.6.20.17	2.6.20.17.x
linux / linux_kernel	2.6.21.5	2.6.21.5.x
linux / linux_kernel	2.4.36.4	2.4.36.4.x
linux / linux_kernel	2.6.20.20	2.6.20.20.x
linux / linux_kernel	2.4.36.3	2.4.36.3.x
linux / linux_kernel	2.6.20.18	2.6.20.18.x
linux / linux_kernel	2.6.19.7	2.6.19.7.x
linux / linux_kernel	2.6.20.19	2.6.20.19.x
linux / linux_kernel	2.6.18-rc7	2.6.18-rc7.x
linux / linux_kernel	2.4.36	2.4.36.x
linux / linux_kernel	2.6.19.6	2.6.19.6.x
linux / linux_kernel	2.6.18-rc6	2.6.18-rc6.x
linux / linux_kernel	2.6.19.5	2.6.19.5.x
linux / linux_kernel	2.6.18	2.6.18.x
linux / linux_kernel	2.4.36.5	2.4.36.5.x
linux / linux_kernel	2.2.27	2.2.27.x
linux / linux_kernel	-	2.6.21.7.x
linux / linux_kernel	2.6.18-rc1	2.6.18-rc1.x
linux / linux_kernel	2.6	2.6.x

Vulnerability Database

314,452

CVE-2007-4567

Deep Security Visibility Without the Complexity