CERTA-2006-AVI-064
Vulnerability from certfr_avis

Une vulnérabilité du noyau Linux permet à un utilisateur distant de provoquer un déni de service du système vulnérable.

Description

Une erreur dans la fonction ip_options_echo() du fichier icmp.c servant à la construction d'une réponse ICMP (Internet Control Message Protocol) permet à un utilisateur distant de provoquer un déni de service sur le système vulnérable par le biais d'un paquet ICMP malicieusement construit.

Solution

La version 2.6.15.3 du noyau Linux corrige le problème :

http://www.kernel.org

Les noyaux Linux versions 2.6.15.2 et antérieures.

Impacted products
Vendor Product Description
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes noyaux Linux versions 2.6.15.2 et  ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nUne erreur dans la fonction ip_options_echo() du fichier icmp.c servant\n\u00e0 la construction d\u0027une r\u00e9ponse ICMP (Internet Control Message Protocol)\npermet \u00e0 un utilisateur distant de provoquer un d\u00e9ni de service sur le\nsyst\u00e8me vuln\u00e9rable par le biais d\u0027un paquet ICMP malicieusement\nconstruit.\n\n## Solution\n\nLa version 2.6.15.3 du noyau Linux corrige le probl\u00e8me :\n\n    http://www.kernel.org\n",
  "cves": [],
  "initial_release_date": "2006-02-08T00:00:00",
  "last_revision_date": "2006-02-08T00:00:00",
  "links": [
    {
      "title": "Site du noyau Linux :",
      "url": "http://www.kernel.org"
    },
    {
      "title": "Liste des changements apport\u00e9s dans la version 2.6.15.3 du    noyau Linux :",
      "url": "http://wwww.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.3"
    }
  ],
  "reference": "CERTA-2006-AVI-064",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-02-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 du noyau Linux permet \u00e0 un utilisateur distant de\nprovoquer un d\u00e9ni de service du syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 du noyau Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste des changements appliqu\u00e9s dans la version 2.6.15.3 du noyau Linux",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.