An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.
If you are not using an iptables based firewall (like SUSEfirewall2) on your system, you are not affected. If you are using a firewall, a workaround is to disable firewall logging of IP and TCP options. We recommend to update the kernel.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.1 | i586 | kernel-bigsmp | < 2.6.5-7.111 | kernel-bigsmp-2.6.5-7.111.i586.rpm |
openSUSE | 9.1 | i586 | kernel-smp | < 2.6.5-7.111 | kernel-smp-2.6.5-7.111.i586.rpm |
openSUSE | 9.1 | x86_64 | kernel-smp | < 2.6.5-7.111 | kernel-smp-2.6.5-7.111.x86_64.rpm |
openSUSE | 9.1 | x86_64 | kernel-default | < 2.6.5-7.111 | kernel-default-2.6.5-7.111.x86_64.rpm |
openSUSE | 9.1 | i586 | kernel-default | < 2.6.5-7.111 | kernel-default-2.6.5-7.111.i586.rpm |