LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

kernel: denial of service

Package(s):kernel CVE #(s):CVE-2006-0454
Created:February 8, 2006 Updated:February 17, 2006
Description: A denial of service vulnerability has been found in the kernel ICMP code; kernel 2.6.15.3 fixes the problem.
Alerts:
Mandriva MDKSA-2006:040 2006-02-17
Ubuntu USN-250-1 2006-02-13
Trustix TSLSA-2006-0006 2006-02-10
SuSE SUSE-SA:2006:006 2006-02-09
Fedora FEDORA-2006-102 2006-02-07
(Log in to post comments)

kernel: denial of service

Posted Feb 9, 2006 9:25 UTC (Thu) by mjcox@redhat.com (subscriber, #31775) [Link]

This issue was discovered by Dave Jones. As Dave notes it's so far proved difficult to reliably trigger (my attempts so far succeed in logging dst badness messages and messing up future ICMP packet receipts, but haven't triggered a crash).

http://kernelslacker.livejournal.com/35361.html

This vulnerability was introduced into the Linux kernel in version 2.6.12 and therefore does not affect users of Red Hat Enterprise Linux 2.1, 3, or 4. An update for Fedora Core 4 was released yesterday.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds