Linux kernel 2.6 ICMP bug resulting in remote DoS

Published: 2006-02-15
Last Updated: 2006-02-15 17:45:01 UTC
by William Salusky (Version: 1)
0 comment(s)
Here we have a perfect example of how hard it is sometimes to stay abreast of security risks.  Thanks to Ronald for the heads up, it looks like there are a few additional mailing lists I need to consider subscribing.

Over a week ago, the Linux kernel included a patch to address a bug in the icmp_send function that would crash the kernel resulting in a DoS.  The current latest stable Linux kernel is available from  Details are available at

For mitigation, I choose to quote HD Moore since he has put it most simply 'The easy fix is to block ICMP until you upgrade your kernels...'.  'nuff said.

0 comment(s)


Diary Archives