Kuwait Linux User Group

Linux Kernel "ipv6_fl_socklist" Denial of Service
Date: Friday, March 23, 2007 @ 15:07:02 EDT


A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious local users to cause a DoS (Denial of
Service).



The vulnerability is caused by listening IPv6 TCP sockets
incorrectly sharing the "ipv6_fl_socklist" IPv6 flowlist with child
sockets. This can be exploited to e.g. cause a kernel crash by
performing certain actions on IPv6 TCP sockets.
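
The sharing problem described above, as a userspace model. This is an added example, not kernel code and not the referenced patch; all struct and function names are hypothetical, and it assumes the child socket is created by copying the listener's per-socket state.

```c
/* Userspace model only: every name here is hypothetical, not a kernel identifier. */
#include <stdio.h>
#include <string.h>

struct fl_node { struct fl_node *next; int in_use; };  /* one flow-list entry */
struct sock_model { struct fl_node *fl_list; };        /* per-socket list head */

/* Release a socket's list; count entries another socket already released.
 * Entries live in caller-owned storage, so reading a stale one stays defined. */
static int sock_release(struct sock_model *sk)
{
    int stale = 0;
    for (struct fl_node *n = sk->fl_list; n; n = n->next) {
        stale += !n->in_use;
        n->in_use = 0;
    }
    sk->fl_list = NULL;
    return stale;
}

/* Assumed child creation: copy the listener, optionally reset the list head. */
static void clone_child(struct sock_model *child, const struct sock_model *lsk,
                        int private_list)
{
    memcpy(child, lsk, sizeof(*child));
    if (private_list)
        child->fl_list = NULL;      /* child starts with its own empty list */
}

/* Listener with two entries accepts one child; both sockets are then closed. */
static int stale_after_close(int private_list)
{
    struct fl_node n[2] = { { &n[1], 1 }, { NULL, 1 } };
    struct sock_model listener = { &n[0] }, child;
    clone_child(&child, &listener, private_list);
    int stale = sock_release(&child);       /* accepted connection closes first */
    return stale + sock_release(&listener); /* listener then walks the same list */
}

int main(void)
{
    printf("copied list head: %d stale entries\n", stale_after_close(0));
    printf("reset list head:  %d stale entries\n", stale_after_close(1));
    return 0;
}
```

In the model a non-zero count marks entries released through one socket and then reached again through the other; in a kernel the corresponding accesses would touch freed memory, which is consistent with the crash the advisory describes.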

SOLUTION:
Apply patch.
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

OTHER REFERENCES:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478

VERIFY ADVISORY:
http://secunia.com/advisories/24618/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
Local system

OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/







This article comes from Kuwait Linux User Group
http://www.q8linux.net

The URL for this story is:
http://www.q8linux.net/modules.php?name=News&file=article&sid=324