CVE-2009-4272

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.18 on Red Hat Enterprise Linux (RHEL) 5

Description The issue allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, triggering a routing "emergency" in which a hash chain is too long. This is related to an issue in the Linux kernel before 2.6.31, involving an uninitialized pointer and a panic when the kernel routing cache is disabled.

Recommendations For Linux kernel version 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, consider applying the Red Hat patch to resolve the issue. As a temporary workaround, restrict access to the network to minimize the risk of exploitation.