EUVD-2002-0506

Malware in sbrugna...

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure

The remote host appears to be run a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero 0. With this information, an attacker could mount further, more targeted attacks against this host. Note that RedHat does not consider this a...