CVE-2009-1298

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.29 through 2.6.32-rc8

Description The issue is related to the ip frag reasm function in the Linux kernel, which calls IP INC STATS BH with an incorrect argument. This allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and hang, via long IP packets.

Recommendations For Linux kernel versions 2.6.29 through 2.6.32-rc8, consider applying a patch that corrects the argument passed to IP INC STATS BH in the ip frag reasm function to prevent the denial of service.