CVE-2026-23398

A flaw was found in the Linux kernel. A remote attacker could trigger a kernel panic, leading to a Denial of Service DoS, by sending a specially crafted Internet Control Message Protocol ICMP Fragmentation Needed error. This occurs when the system is configured for hardened Path Maximum...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

path-mtu NSE Script

Performs simple Path MTU Discovery to target hosts. TCP or UDP packets are sent to the host with the DF don't fragment bit set and with varying amounts of data. If an ICMP Fragmentation Needed is received, or no reply is received after retransmissions, the amount of data is lowered and another...

Re: ICMP fragmentation required but DF set problems.

This is a valid method, and known, to slow down a link between two hosts. In my paper "ICMP Usage In Scanning" currently version 2.5 Appendix B: ICMP "Fragmentation Needed but the Don't Fragment Bit was set" and the Path MTU Discovery Process Page 132, I have outlined what should be done accordin...

ICMP fragmentation required but DF set problems.

Hi all, The problem I'm exposing is quite obvious, but unfortunatelly can be used in a very simple way by script kiddies. SYNOPSIS It's possible to slowdown a lot connections between two arbirary hosts but at least one with the PMTU discovery enabled using some spoofed TCP/IP packet. Maybe you ca...