Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 131118

Summary: Kernel: ip_route_input() Multi-cast IP Request Local DoS (CVE-2006-1525)
Product: Gentoo Security Reporter: Dax <gentoomail>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: chrb, gentoomail, kang
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=a0b277b4fdcbc24c26af7c5d019e9448a51c79cf
Whiteboard: [linux >=2.6 <2.6.16.8]
Package list:
Runtime testing required: ---

Description Dax 2006-04-24 10:28:08 UTC 
Description:

The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a route for a multicast IP address is requested, and will result in a kernel panic cause by a NULL pointer dereference, and therefore lead to loss of availability for the platform.

Vulnerability Classification:

    * Local/Shell Access Required
    * Denial Of Service Attack
    * Loss Of Availability
    * Exploit Available
    * Verified 


Products:

    * Linux Kernel 2.6.16.7


Solution:

Upgrade to version 2.6.16.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes:

Steps to reproduce: run shell command

$ ip ro get 224.0.0.1 iif eth0"

External References:

    * CVE ID: 2006-1525
    * Bugtraq ID: 17593
    * ISS X-Force ID: 25872
    * Secunia Advisory ID: 19709
    * Secunia Advisory ID: 19735
    * Vendor Specific News/Changelog Entry: http://bugzilla.kernel.org/show_bug.cgi?id=6388
    * Vendor Specific News/Changelog Entry: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.8 


Credit:

    * Alexandra Kossovsky 

rgds
Daxomatic
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2006-05-06 07:16:14 UTC 
Maintainers, please bump to 2.6.16.14 preferably:

rsbac-sources: kang
usermode-sources: dsd
xbox-sources: chrb
xen-sources: chrb
Comment 2 Daniel Drake (RETIRED) gentoo-dev 2006-05-08 05:47:40 UTC 
usermode-sources fixed thanks to dang
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2006-05-28 13:13:25 UTC 
All done (apart from sh-sources and rsbac-sources (masked)); resolving.
Comment 4 Bjoern Tropf (RETIRED) gentoo-dev 2009-07-11 08:43:56 UTC 
CVE-2006-1525:
ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.