Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Linux kernel, denial of service via SIT

May 2008 by Vigil@nce

An attacker can use IPv6 packets in a SIT tunnel in order to
progressively create a denial of service.

 Gravity: 2/4
 CVSS: 7.8/10
 Consequences: denial of service of computer
 Provenance: internet client
 Means of attack: no proof of concept, no attack
 Ability of attacker: expert (4/4)
 Confidence: confirmed by the editor (5/5)
 Diffusion of the vulnerable configuration: high (3/3)
 Creation date: 15/05/2008
 Identifier: VIGILANCE-VUL-7831

AFFECTED PRODUCTS

 Fedora version 8 [with kernel < 2.6.24.7-92.fc8]
 Fedora version 9 [with kernel < 2.6.25.3-18.fc9]
 Linux kernel versions 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5,
2.6.6, 2.6.7, 2.6.8, 2.6.8.1, 2.6.9, 2.6.10, 2.6.11, 2.6.11.1,
2.6.11.2, 2.6.11.3, 2.6.11.4, 2.6.11.5, 2.6.11.6, 2.6.11.7,
2.6.11.8, 2.6.11.9, 2.6.11.10, 2.6.11.11, 2.6.11.12, 2.6.12,
2.6.12.1, 2.6.12.2, 2.6.12.3, 2.6.12.4, 2.6.12.5, 2.6.12.6,
2.6.13, 2.6.13.1, 2.6.13.2, 2.6.13.3, 2.6.13.4, 2.6.13.5, 2.6.14,
2.6.14.1, 2.6.14.2, 2.6.14.3, 2.6.14.4, 2.6.14.5, 2.6.14.6,
2.6.14.7, 2.6.15, 2.6.15.1, 2.6.15.2, 2.6.15.3, 2.6.15.4,
2.6.15.5, 2.6.15.6, 2.6.15.7, 2.6.16, 2.6.16.1, 2.6.16.2,
2.6.16.3, 2.6.16.4, 2.6.16.5, 2.6.16.6, 2.6.16.7, 2.6.16.8,
2.6.16.9, 2.6.16.10, 2.6.16.11, 2.6.16.12, 2.6.16.13, 2.6.16.14,
2.6.16.15, 2.6.16.16, 2.6.16.17, 2.6.16.18, 2.6.16.19, 2.6.16.20,
2.6.16.21, 2.6.16.22, 2.6.16.23, 2.6.16.24, 2.6.16.25, 2.6.16.26,
2.6.16.27, 2.6.16.28, 2.6.16.29, 2.6.16.30, 2.6.16.31, 2.6.16.32,
2.6.16.33, 2.6.16.34, 2.6.16.35, 2.6.16.36, 2.6.16.37, 2.6.16.38,
2.6.16.39, 2.6.16.40, 2.6.16.41, 2.6.16.42, 2.6.16.43, 2.6.16.44,
2.6.16.45, 2.6.16.46, 2.6.16.47, 2.6.16.48, 2.6.16.49, 2.6.16.50,
2.6.16.51, 2.6.16.52, 2.6.16.53, 2.6.16.54, 2.6.16.55, 2.6.16.56,
2.6.16.57, 2.6.16.58, 2.6.16.59, 2.6.16.60, 2.6.17, 2.6.17.1,
2.6.17.2, 2.6.17.3, 2.6.17.4, 2.6.17.5, 2.6.17.6, 2.6.17.7,
2.6.17.8, 2.6.17.9, 2.6.17.10, 2.6.17.11, 2.6.17.12, 2.6.17.13,
2.6.17.14, 2.6.18, 2.6.18.1, 2.6.18.2, 2.6.18.3, 2.6.18.4,
2.6.18.5, 2.6.18.6, 2.6.18.7, 2.6.18.8, 2.6.19, 2.6.19.1,
2.6.19.2, 2.6.19.3, 2.6.19.4, 2.6.19.5, 2.6.19.6, 2.6.19.7,
2.6.20, 2.6.20.1, 2.6.20.2, 2.6.20.3, 2.6.20.4, 2.6.20.5,
2.6.20.6, 2.6.20.7, 2.6.20.8, 2.6.20.9, 2.6.20.10, 2.6.20.11,
2.6.20.12, 2.6.20.13, 2.6.20.14, 2.6.20.15, 2.6.20.16, 2.6.20.17,
2.6.20.18, 2.6.20.19, 2.6.20.20, 2.6.20.21, 2.6.21, 2.6.21.1,
2.6.21.2, 2.6.21.3, 2.6.21.4, 2.6.21.5, 2.6.21.6, 2.6.21.7,
2.6.22, 2.6.22.1, 2.6.22.2, 2.6.22.3, 2.6.22.4, 2.6.22.5,
2.6.22.6, 2.6.22.7, 2.6.22.8, 2.6.22.9, 2.6.22.10, 2.6.22.11,
2.6.22.12, 2.6.22.13, 2.6.22.14, 2.6.22.15, 2.6.22.16, 2.6.22.17,
2.6.22.18, 2.6.22.19, 2.6.23, 2.6.23.1, 2.6.23.2, 2.6.23.3,
2.6.23.4, 2.6.23.5, 2.6.23.6, 2.6.23.7, 2.6.23.8, 2.6.23.9,
2.6.23.10, 2.6.23.11, 2.6.23.12, 2.6.23.13, 2.6.23.14, 2.6.23.15,
2.6.23.16, 2.6.23.17, 2.6.24, 2.6.24.1, 2.6.24.2, 2.6.24.3,
2.6.24.4, 2.6.24.5, 2.6.24.6, 2.6.24.7, 2.6.25, 2.6.25.1,
2.6.25.2, 2.6.25.3
Similar products or versions inferior to those indicated may also
be affected.

DESCRIPTION

The net/ipv6/sit.c file implements SIT (Simple Internet
Transition) and proposes tunnels to encapsulate IPv6 packets on an
IPv4 network. The administrator for example configure them with
"ifconfig sit0 ...".

The ipip6_rcv() function does not free a memory area when
pskb_may_pull() fails. This memory leak can be exploited by an
attacker sending IPv6 packets.

A remote attacker can thus progressively create a denial of
service on computers with SIT tunnels.

CHARACTERISTICS

 Identifiers: 446031, CVE-2008-2136, FEDORA-2008-3873,
FEDORA-2008-3949, VIGILANCE-VUL-7831
 CVSS score: 7.8/10
 Url: https://vigilance.aql.fr/tree/1/7831


See previous articles

    

See next articles













Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts