New Search

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25 when configured as a router with a REJECT route does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route related to an "rt_cache leak."

oval:org.mitre.oval:def:10215

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25 when configured as a router with a REJECT route does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route related to an "rt_cache leak."

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2009-0778
Product(s):