CVE-2006-3121

EPSS 20.3%

heartbeat - out-of-bounds read

Published: 8/17/2006Modified: 4/28/2026

Description

The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.

Affected packages (2)

Debian/heartbeatfrom 0, < 1.2.4-14
Debian/heartbeatfrom 0, < 1.2.3-9sarge6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-3121