CVE-2006-0454

Published Feb 7, 2006

Last updated 9 days ago

CVSS info 5.0

Overview

Description: Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
Source: secalert@redhat.com
NVD status: Modified
Products: linux_kernel

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. This vulnerability was introduced into the Linux kernel in version 2.6.12 and therefore does not affect users of Red Hat Enterprise Linux 2.1, 3, or 4.

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
            "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "169446DE-67F8-4738-91FE-ED8058118F80",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
            "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
            "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
            "matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "93F0834D-C5EA-4C96-8D6C-3123ECF78F8C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "F1784CBC-BEAF-48E5-95A4-2A4BD5F9F1BC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "31523E67-5E4F-43F7-9410-20CB3F287DAF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "5D9F976B-1328-40FE-A1F2-C1DF3F836604",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*",
            "matchCriteriaId": "9B627DE3-2702-4EB2-9733-253D315FB594",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*",
            "matchCriteriaId": "10E1B011-8D20-448E-9DD5-023DD30D1FE1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*",
            "matchCriteriaId": "2A29A4BC-0442-458E-A874-BF0D0F2870FC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "B36F432D-FED1-4B8D-A458-BEDEEF306AB1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
            "matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "04F25DE0-CA8E-4F57-87A5-C30D89CC9E44",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "F87F764B-4097-44FA-B96E-A5DA75E31F7B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "D7025803-C679-44DB-ADEE-864E6CAAD9B5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "24B879D6-4631-49A8-9366-75577DFB755D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*",
            "matchCriteriaId": "C5B76C21-70C8-4911-A24B-270F876EF7C0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
            "matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
            "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*",
            "matchCriteriaId": "6E85846A-61BE-4896-B4A6-42A7E1DBA515",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*",
            "matchCriteriaId": "D6E3B925-031D-4F6D-915A-A16F0FFA878C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
            "matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
            "matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
            "matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

Related CVEs

References