Welcome to Kuwait Linux User Group - OpenSource free stuff

Search   in  

 Create an AccountHome | Gallery | Submit News | Your Account | Content | Topics | Top 10  

Modules
· Home
· Advertising
· Downloads
· FAQ
· Forums
· PHP-Nuke Tools
· Stories Archive
· Submit News
· Surveys
· Top 10
· Topics
· Tutorials
· Web Links
· Your Account

Search
Google
Web q8linux.net

Phoronix
Currently there is a problem with headlines from this site

  
Linux Kernel ''ipv6_fl_socklist'' Denial of Service
Posted on Friday, March 23, 2007 @ 15:07:02 AST
Topic: advisories
advisories

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).



The vulnerability is caused due to listening IPv6 TCP sockets
incorrectly sharing the "ipv6_fl_socklist" IPv6 flowlist with child
sockets. This can be exploited to e.g. cause a kernel crash by
performing certain actions on IPv6 TCP sockets.

SOLUTION:
Apply patch.
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

OTHER REFERENCES:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478

VERIFY ADVISORY:
http://secunia.com/advisories/24618/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
Local system

OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/


Linux Kernel ''ipv6_fl_socklist'' Denial of Service | Login/Create an Account | 3 comments
The comments are owned by the poster. We aren't responsible for their content.

Re: Linux Kernel ''ipv6_fl_socklist'' Denial of Service (Score: 1)
by nullPointer on Tuesday, April 10, 2007 @ 16:56:42 AST
(User Info )

neat, but i do believe that this is one of the many reasons they'r not appling the ipv6 yeat, and i don't think it will be used in a while, though the US pent gov has stated few times that it will shift it's systems to v6 at the end of 2008, but there's still no FlagDay for all the other systems, but i don't know...


[ Reply to This ]


 
Related Websites

Related Links
· More about advisories
· News by meshal
Most read story about advisories:
Local Root Exploit in Linux 2.4.xx and 2.6.xx


Article Rating
Average Score: 4
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Printer Friendly


Associated Topics

advisoriessecurity

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest ©2004-2008 by Q8linux.كويت لينكس
PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.07 Seconds