PT-2009-3389 · Linux+1 · Linux Kernel+1
Hector Herrera
·
Published
2009-03-12
·
Updated
2023-02-13
·
CVE-2009-0778
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.6.25
Description
The issue is related to the
icmp send function in the Linux kernel, which does not properly manage the Protocol Independent Destination Cache (DST) when configured as a router with a REJECT route. This can be exploited by remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, resulting in an "rt cache leak."Recommendations
For Linux kernel versions prior to 2.6.25, update to version 2.6.25 or later to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel
Red Hat