Linux kernel 2.6 ICMP bug resulting in remote DoS

Published: 2006-02-15
Last Updated: 2006-02-15 17:45:01 UTC
by William Salusky (Version: 1)
Here we have a perfect example of how hard it is sometimes to stay abreast of security risks. Thanks to Ronald for the heads up; it looks like there are a few additional mailing lists I need to consider subscribing to.

Over a week ago, the 2.6.15.3 Linux kernel included a patch to address a bug in the icmp_send function that would crash the kernel, resulting in a DoS. The latest stable Linux kernel is currently 2.6.15.4, available from http://www.kernel.org/. Details are available at http://www.securityfocus.com/bid/16532/.

For mitigation, I choose to quote HD Moore since he has put it most simply: 'The easy fix is to block ICMP until you upgrade your kernels...'. 'nuff said.
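A triage helper for the advice above, added here as an example and not part of the original diary: it compares a kernel release string against 2.6.15.3 and reports whether the temporary ICMP block still applies. The function names are hypothetical, iptables is assumed as the host firewall, and the comparison looks only at upstream version numbers, so a distribution kernel with a backported fix will still be flagged.

```shell
#!/bin/sh
# Added example: decide whether a host still needs the temporary ICMP block.
# Assumption: only the upstream version number is compared; distribution
# kernels may carry the fix without changing that number.
FIXED="2.6.15.3"   # release that included the icmp_send patch, per the diary

# Strip local suffixes such as "-1-686" or "-rc1", keeping the dotted numbers.
base_version() {
    printf '%s\n' "$1" | sed 's/[^0-9.].*$//'
}

# Return 0 if version $1 is older than $2, comparing four numeric fields.
version_lt() {
    a=$(base_version "$1"); b=$(base_version "$2")
    i=1
    while [ "$i" -le 4 ]; do
        x=$(printf '%s.' "$a" | cut -d. -f"$i")
        y=$(printf '%s.' "$b" | cut -d. -f"$i")
        x=${x:-0}; y=${y:-0}      # a missing field counts as 0
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
        i=$((i + 1))
    done
    return 1                      # equal versions are not "older"
}

# Return 0 for a 2.6 kernel whose version predates the patched release.
needs_icmp_block() {
    case "$(base_version "$1")" in
        2.6|2.6.*) version_lt "$1" "$FIXED" ;;
        *) return 1 ;;
    esac
}

# Report on the running kernel; the rule is printed, not applied.
running=$(uname -r)
if needs_icmp_block "$running"; then
    echo "$running predates $FIXED: block ICMP until the kernel is upgraded, e.g."
    echo "  iptables -I INPUT -p icmp -j DROP"
else
    echo "$running is not a 2.6 kernel older than $FIXED"
fi
```

Dropping all ICMP also discards the fragmentation-needed messages that path MTU discovery relies on, so remove the rule once the kernel is upgraded.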
