remote denial of service in kernel

2004-10-21T07:52:50
ID SUSE-SA:2004:037
Type suse
Reporter Suse
Modified 2004-10-21T07:52:50

Description

An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.

Solution

If you are not using an iptables based firewall (like SUSEfirewall2) on your system, you are not affected. If you are using a firewall, a workaround is to disable firewall logging of IP and TCP options. We recommend to update the kernel.