105939 – Kernel: Remote DoS through ipt_recent (CAN-2005-2872)

Bug 105939 - Kernel: Remote DoS through ipt_recent (CAN-2005-2872)

Summary: Kernel: Remote DoS through ipt_recent (CAN-2005-2872)

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:	http://www.kernel.org/git/?p=linux/ke...
Whiteboard:	[2.6 < 2.6.12]
Keywords:

Depends on:
Blocks:

Reported:	2005-09-14 02:45 UTC by Thierry Carrez (RETIRED)
Modified:	2005-11-26 08:42 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Carrez (RETIRED) gentoo-dev

2005-09-14 02:45:58 UTC

From Ubuntu's latest :

Chad Walstrom discovered a Denial of Service in the ipt_recent module,
which can be used in netfilter (Firewall configuration). A remote
attacker could exploit this to crash the kernel by sending certain
packets (such as an SSH brute force attack) to a host which uses the
"recent" module. (CAN-2005-2802)

Comment 1 Daniel Drake (RETIRED) gentoo-dev

2005-09-17 10:46:22 UTC

	** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CAN-2005-2872,
CAN-2005-2873. Reason: this candidate's description originally combined two
separate issues. Notyes: All CVE users should consult CAN-2005-2872 and
CAN-2005-2873 to determine the appropriate identifier for the issue.

Comment 2 Daniel Drake (RETIRED) gentoo-dev

2005-09-17 10:50:18 UTC

Filing a new bug for 2873

Comment 3 Tim Yamin (RETIRED) gentoo-dev

2005-11-26 08:42:20 UTC

Closing, seems a non-issue (everything's at 2.6.12 or better).