New Search

VMware kernel icmp_send function vulnerability

oval:org.mitre.oval:def:7867

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25 when configured as a router with a REJECT route does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route related to an "rt_cache leak."

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2009-0778
Product(s):