Linux Kernel "ipv6_fl_socklist" Denial of Service

Posted on Friday, March 23, 2007 @ 16:07:02 EDT by meshal

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

The vulnerability is caused by listening IPv6 TCP sockets
incorrectly sharing the "ipv6_fl_socklist" IPv6 flowlist with child
sockets. This can be exploited to, for example, cause a kernel crash
by performing certain actions on IPv6 TCP sockets.
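
The ownership mistake described above, as an added user-space model that is not code from the advisory, the patch or the kernel. It assumes the child socket's state begins as a copy of the listener's; every struct and function name is hypothetical. `clone_shared` leaves the list pointer aliased, `clone_fixed` gives the child an empty list, and `stale_releases` counts nodes released a second time at teardown.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* User-space model only: every name here is hypothetical, not kernel code. */
struct fl_node { struct fl_node *next; int released; };
struct sock_model { int listening; struct fl_node *fl_list; };
typedef void (*clone_fn)(struct sock_model *, const struct sock_model *);

/* Before: the child is a byte copy of the listener, so fl_list is aliased. */
static void clone_shared(struct sock_model *child, const struct sock_model *parent)
{
    memcpy(child, parent, sizeof(*child));
    child->listening = 0;
}

/* After: same copy, but the child starts with an empty list of its own. */
static void clone_fixed(struct sock_model *child, const struct sock_model *parent)
{
    memcpy(child, parent, sizeof(*child));
    child->listening = 0;
    child->fl_list = NULL;
}

/* Teardown: release each node; count nodes another owner already released. */
static int release_socklist(struct sock_model *sk)
{
    int stale = 0;
    for (struct fl_node *n = sk->fl_list; n != NULL; n = n->next) {
        if (n->released)
            stale++;
        n->released = 1;
    }
    sk->fl_list = NULL;
    return stale;
}
/* Constructed scenario: listener with two nodes, one child, both torn down. */
static int stale_releases(clone_fn clone)
{
    struct fl_node b = { NULL, 0 }, a = { &b, 0 };
    struct sock_model parent = { 1, &a }, child;
    clone(&child, &parent);
    return release_socklist(&child) + release_socklist(&parent);
}

int main(void)
{
    printf("shared: %d, fixed: %d\n", stale_releases(clone_shared), stale_releases(clone_fixed));
    return 0;
}
```

In the model a stale release is only counted; with real allocations the second release would touch memory that has already been freed.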

SOLUTION:
Apply patch.
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://marc.info/?l=linux-netdev&m=117406721731891&w=2

OTHER REFERENCES:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478

VERIFY ADVISORY:
http://secunia.com/advisories/24618/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
Local system

OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/

