Bug 136020

Summary: VUL-0: local dos in ip_conntrack_proto_icmp.c
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Marcus Meissner <meissner>
Component: KernelAssignee: E-mail List <kernel-maintainers>
Status: RESOLVED INVALID QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: Final   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVE-2005-3810: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2005-11-30 10:10:57 UTC 
is public

CVE-2005-3810

"ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference."

http://marc.theaimsgroup.com/?l=linux-kernel&amp;m=113269476307795&amp;w=2

http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.14.y.git;a=commit;h=ae77af5fdb07f075c3b833cc378f92dcf361627e



can a user send these messages? or just root?
Comment 1 Marcus Meissner 2005-11-30 10:14:26 UTC 
10.0 is 2.6.13 as olaf said
Comment 2 Thomas Biege 2009-10-13 20:40:33 UTC 
CVE-2005-3810: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)