CVE-2007-5501

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.21 through 2.6.23.7 Linux kernel versions 2.6.24-rc through 2.6.24-rc2 p54-kmp-bigsmp versions (affected versions not specified) p54-kmp-default versions (affected versions not specified) p54-kmp-debug versions (affected versions not specified) p54-kmp-xen versions (affected versions not specified) p54-kmp-xenpae versions (affected versions not specified) adm8211-kmp-bigsmp versions (affected versions not specified) adm8211-kmp-default versions (affected versions not specified) adm8211-kmp-debug versions (affected versions not specified) adm8211-kmp-ppc64 versions (affected versions not specified) adm8211-kmp-xen versions (affected versions not specified) adm8211-kmp-xenpae versions (affected versions not specified) rt2x00-kmp-bigsmp versions (affected versions not specified) rt2x00-kmp-debug versions (affected versions not specified) rt2x00-kmp-default versions (affected versions not specified) rt2x00-kmp-xen versions (affected versions not specified) rt2x00-kmp-xenpae versions (affected versions not specified) rtl8187-kmp-bigsmp versions (affected versions not specified) rtl8187-kmp-debug versions (affected versions not specified) rtl8187-kmp-default versions (affected versions not specified) rtl8187-kmp-xen versions (affected versions not specified) rtl8187-kmp-xenpae versions (affected versions not specified)

Description The issue is related to multiple vulnerabilities in various packages of the openSUSE operating system, including p54-kmp, adm8211-kmp, rt2x00-kmp, and rtl8187-kmp. These vulnerabilities can be exploited remotely, leading to a disruption of protected information. Additionally, a vulnerability in the Linux kernel's tcp sacktag write queue function allows remote attackers to cause a denial of service via crafted ACK responses.

Recommendations As a temporary workaround, consider disabling the tcp sacktag write queue function until a patch is available. For Linux kernel versions 2.6.21 through 2.6.23.7 and 2.6.24-rc through 2.6.24-rc2, update to a newer version to mitigate the risk. For p54-kmp, adm8211-kmp, rt2x00-kmp, and rtl8187-kmp packages, restrict access to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability in the p54-kmp, adm8211-kmp, rt2x00-kmp, and rtl8187-kmp packages.