5

CVE-2006-0454

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.12
LinuxLinux Kernel Version2.6.12 Updaterc1
LinuxLinux Kernel Version2.6.12 Updaterc2
LinuxLinux Kernel Version2.6.12 Updaterc3
LinuxLinux Kernel Version2.6.12 Updaterc4
LinuxLinux Kernel Version2.6.12 Updaterc5
LinuxLinux Kernel Version2.6.12 Updaterc6
LinuxLinux Kernel Version2.6.12.1
LinuxLinux Kernel Version2.6.12.2
LinuxLinux Kernel Version2.6.12.3
LinuxLinux Kernel Version2.6.12.4
LinuxLinux Kernel Version2.6.12.5
LinuxLinux Kernel Version2.6.12.6
LinuxLinux Kernel Version2.6.13
LinuxLinux Kernel Version2.6.13 Updaterc1
LinuxLinux Kernel Version2.6.13 Updaterc2
LinuxLinux Kernel Version2.6.13 Updaterc3
LinuxLinux Kernel Version2.6.13 Updaterc4
LinuxLinux Kernel Version2.6.13 Updaterc5
LinuxLinux Kernel Version2.6.13 Updaterc6
LinuxLinux Kernel Version2.6.13 Updaterc7
LinuxLinux Kernel Version2.6.13.1
LinuxLinux Kernel Version2.6.13.2
LinuxLinux Kernel Version2.6.13.3
LinuxLinux Kernel Version2.6.13.4
LinuxLinux Kernel Version2.6.13.5
LinuxLinux Kernel Version2.6.14
LinuxLinux Kernel Version2.6.14 Updaterc1
LinuxLinux Kernel Version2.6.14 Updaterc2
LinuxLinux Kernel Version2.6.14 Updaterc3
LinuxLinux Kernel Version2.6.14 Updaterc4
LinuxLinux Kernel Version2.6.14 Updaterc5
LinuxLinux Kernel Version2.6.14.1
LinuxLinux Kernel Version2.6.14.2
LinuxLinux Kernel Version2.6.14.3
LinuxLinux Kernel Version2.6.14.4
LinuxLinux Kernel Version2.6.14.5
LinuxLinux Kernel Version2.6.14.6
LinuxLinux Kernel Version2.6.14.7
LinuxLinux Kernel Version2.6.15
LinuxLinux Kernel Version2.6.15.1
LinuxLinux Kernel Version2.6.15.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.77% 0.885
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/427981/100/0/threaded
http://secunia.com/advisories/18784
Patch
Vendor Advisory
http://www.trustix.org/errata/2006/0006
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:040
http://secunia.com/advisories/18788
Patch
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_06_kernel.html
Patch
Vendor Advisory
http://secunia.com/advisories/18774
Patch
Vendor Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00037.html
Patch
Vendor Advisory
http://lists.immunitysec.com/pipermail/dailydave/2006-February/002909.html
Patch
http://marc.info/?l=linux-kernel&m=113927617401569&w=2
http://marc.info/?l=linux-kernel&m=113927648820694&w=2
http://secunia.com/advisories/18766
Patch
Vendor Advisory
http://secunia.com/advisories/18861
Patch
Vendor Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3
http://www.securityfocus.com/bid/16532
Patch
http://www.ubuntu.com/usn/usn-250-1
http://www.vupen.com/english/advisories/2006/0464
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24575