The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak."
Metrics
No CVSS v4.0
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
AV:N/AC:M/Au:N/C:N/I:N/A:C
This CVE is not in the KEV list.
Key SSVC decision points have not yet been added.
Affected Vendors & Products
Vendors | Products |
---|---|
Linux |
|
Microsoft |
|
Redhat |
|
Vmware |
|
Configuration 1 [-]
|
Configuration 2 [-]
AND |
|
Configuration 3 [-]
|
Configuration 4 [-]
AND |
|
Package | CPE | Advisory | Released Date |
---|---|---|---|
Red Hat Enterprise Linux 5 | |||
kernel-0:2.6.18-128.1.6.el5 | cpe:/o:redhat:enterprise_linux:5 | RHSA-2009:0326 | 2009-04-01T00:00:00Z |
Red Hat Enterprise Linux 5.2 Z Stream | |||
kernel-0:2.6.18-92.1.35.el5 | cpe:/o:redhat:rhel_eus:5.2 | RHSA-2010:0079 | 2010-02-02T00:00:00Z |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2009-03-12T15:00:00
Updated: 2024-08-07T04:48:52.114Z
Reserved: 2009-03-03T00:00:00
Link: CVE-2009-0778
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-03-12T15:20:49.780
Modified: 2024-11-21T01:00:54.027
Link: CVE-2009-0778
Redhat