Linux Kernel Fragmented ICMP Packet Information Disclosure

2004-04-08T23:12:42
ID OSVDB:5394
Type osvdb
Reporter Andrew Griffiths(andrewg@tasmail.com)
Modified 2004-04-08T23:12:42

Description

Vulnerability Description

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when custom crafted ICMP fragments are sent to the kernel, which will trigger an ICMP TTL exceeded error packet containing data from memory in response. This will disclose information in memory, resulting in a loss of confidentiality.

Solution Description

Upgrade to a kernel version of 2.2.19, 2.4.0 mainline, or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch.

Short Description

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when custom crafted ICMP fragments are sent to the kernel, which will trigger an ICMP TTL exceeded error packet containing data from memory in response. This will disclose information in memory, resulting in a loss of confidentiality.

References:

Security Tracker: 1003325 RedHat RHSA: RHSA-2002:007 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-01/0234.html ISS X-Force ID: 7998 CVE-2002-0046