CVE-2005-2973

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux kernel-image versions 2.4.27-3-686 through 2.6.8-3-686 Debian GNU/Linux kernel-headers versions 2.4.27-3-686 through 2.6.8-3-686 Debian GNU/Linux kernel-pcmcia-modules versions 2.4.27-3-686 through 2.6.8-3-686 Debian GNU/Linux lm-sensors versions 2.4.27-3-686 through 2.4.27-3-686 SUSE Linux Enterprise k um (affected versions not specified) SUSE Linux Enterprise Intel-v92ham (affected versions not specified) Linux kernel versions prior to 2.6.14-rc5

Description The vulnerability allows local users to cause a denial of service (infinite loop and crash) in the Linux kernel. The issue is related to the udp v6 get port function in udp.c. The vulnerability can be exploited remotely. The affected software packages include kernel-image, kernel-headers, kernel-pcmcia-modules, and lm-sensors in Debian GNU/Linux, as well as k um and Intel-v92ham in SUSE Linux Enterprise.

Recommendations For Debian GNU/Linux kernel-image versions 2.4.27-3-686 through 2.6.8-3-686, update to a newer version that contains a fix for this vulnerability. For Debian GNU/Linux kernel-headers versions 2.4.27-3-686 through 2.6.8-3-686, update to a newer version that contains a fix for this vulnerability. For Debian GNU/Linux kernel-pcmcia-modules versions 2.4.27-3-686 through 2.6.8-3-686, update to a newer version that contains a fix for this vulnerability. For Debian GNU/Linux lm-sensors versions 2.4.27-3-686 through 2.4.27-3-686, update to a newer version that contains a fix for this vulnerability. For SUSE Linux Enterprise k um and Intel-v92ham, update to a newer version that contains a fix for this vulnerability. For Linux kernel versions prior to 2.6.14-rc5, update to version 2.6.14-rc5 or later.