CVE-2006-0454

Published Feb 7, 2006

Last updated a month ago

CVSS info 5.0

Overview

Description: Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
Source: secalert@redhat.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. This vulnerability was introduced into the Linux kernel in version 2.6.12 and therefore does not affect users of Red Hat Enterprise Linux 2.1, 3, or 4.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "169446DE-67F8-4738-91FE-ED8058118F80"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93F0834D-C5EA-4C96-8D6C-3123ECF78F8C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1784CBC-BEAF-48E5-95A4-2A4BD5F9F1BC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31523E67-5E4F-43F7-9410-20CB3F287DAF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D9F976B-1328-40FE-A1F2-C1DF3F836604"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B627DE3-2702-4EB2-9733-253D315FB594"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10E1B011-8D20-448E-9DD5-023DD30D1FE1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A29A4BC-0442-458E-A874-BF0D0F2870FC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B36F432D-FED1-4B8D-A458-BEDEEF306AB1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04F25DE0-CA8E-4F57-87A5-C30D89CC9E44"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F87F764B-4097-44FA-B96E-A5DA75E31F7B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7025803-C679-44DB-ADEE-864E6CAAD9B5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24B879D6-4631-49A8-9366-75577DFB755D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5B76C21-70C8-4911-A24B-270F876EF7C0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E85846A-61BE-4896-B4A6-42A7E1DBA515"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6E3B925-031D-4F6D-915A-A16F0FFA878C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References