Linux kernel hash table collision packets denial of service (LinuxKernelPacketsDos)

Vuln ID: 12160
Risk Level: Medium
Platforms: RedHat Linux: 7.1, RedHat Linux: 7.2, Conectiva Linux: 8.0, RedHat Linux: 7.3, Debian Linux: 3.0, RedHat Linux: 8.0, Turbolinux: 8 Server, Turbolinux: 8 Workstation, Turbolinux: 7 Server, Turbolinux: 7 Workstation, RedHat Enterprise Linux: 2.1 AS, RedHat Enterprise Linux: 2.1 ES, RedHat Enterprise Linux: 2.1 WS, RedHat Linux: 9.0, RedHat Enterprise Linux: 2.1 AW, Conectiva Linux: 9.0, RedHat Linux Advanced Workstation: 2.1 Itanium, RedHat Linux: 7.1 for pSeries, RedHat Linux: 7.1 for iSeries, Linux Kernel: 2.4.0
Description:

The Linux kernel is vulnerable to a denial of service caused by improper handling of TCP/IP fragment reassembly. A remote attacker could send specially crafted packets that cause a large number of hash table collisions, consuming all available CPU resources.

Remedy:

For Red Hat Linux:
Upgrade to the latest kernel packages, as listed below. Refer to RHSA-2003:187-25, RHSA-2003:190-25, RHSA-2003:195-06, and RHSA-2003:198-16 for more information. See References.

Red Hat 7.1, 7.2 and 7.3: 2.4.20-18.7 or later
Red Hat 8.0: 2.4.20-18.8 or later
Red Hat 9.0: 2.4.20-18.9 or later
Red Hat Enterprise Linux AS (v. 2.1) and Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor: 2.4.18-e37 or later
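
One way to check an installed Red Hat kernel package against the minimums listed above. This is an added example, not part of the original advisory; the function names, the dictionary labels and the simplified rpm-style comparison are assumptions of this example. Segments are compared numerically, so 2.4.9 correctly sorts below 2.4.18.

```python
import re

# Minimum fixed kernel package versions, copied from the Red Hat remedy list above.
# The dictionary keys are labels chosen for this example.
FIXED = {
    "Red Hat 7.1": "2.4.20-18.7",
    "Red Hat 7.2": "2.4.20-18.7",
    "Red Hat 7.3": "2.4.20-18.7",
    "Red Hat 8.0": "2.4.20-18.8",
    "Red Hat 9.0": "2.4.20-18.9",
    "Red Hat Enterprise Linux AS 2.1": "2.4.18-e37",
}

def segments(part):
    """Split into runs of digits or letters; separators such as '.' are dropped."""
    return re.findall(r"\d+|[A-Za-z]+", part)

def compare_part(a, b):
    """Simplified rpm-style comparison of one version or release string."""
    sa, sb = segments(a), segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment outranks letters
        if x.isdigit():
            x, y = int(x), int(y)             # 9 < 18, unlike string comparison
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def compare(installed, fixed):
    """Compare 'version-release' strings: version first, then release."""
    iv, _, ir = installed.partition("-")
    fv, _, fr = fixed.partition("-")
    return compare_part(iv, fv) or compare_part(ir, fr)

def is_patched(release, installed):
    """True when the installed kernel is at or above the listed minimum."""
    if release not in FIXED:
        raise KeyError(f"no minimum listed for {release!r}; contact the vendor")
    return compare(installed, FIXED[release]) >= 0

if __name__ == "__main__":
    # Constructed sample inventory, not taken from any real host.
    for rel, ver in [("Red Hat 9.0", "2.4.20-8"), ("Red Hat 9.0", "2.4.20-18.9"),
                     ("Red Hat Enterprise Linux AS 2.1", "2.4.9-e.3")]:
        print(rel, ver, "patched" if is_patched(rel, ver) else "VULNERABLE")
```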

For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest kernel package (2.2.20-5woody2 or 2.2.20-5woody3 or later), as listed in DSA-336-1. See References.

For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest kernel powerpc package (2.4.18-1woody1 or later), as listed in DSA-312-1. See References.

For Debian GNU/Linux 3.0 (woody) containing the linux-kernel-2.4.17-s390 package:
Upgrade to the latest kernel package (0.0.20020816-0.woody.2 or later), as listed in DSA-442-1. See References.

For Turbolinux:
Upgrade to the latest kernel package, as listed below. Refer to Turbolinux Security Advisory TLSA-2003-41 for more information. See References.

Turbolinux: 2.4.18-13 or later

For Conectiva Linux 8:
Upgrade to the latest version of kernel (2.4.19-1U80_18cl or later), as listed in Conectiva Linux Security Announcement CLSA-2003:796. See References.

For Conectiva Linux 9:
Upgrade to the latest version of kernel (2.4.21-31301U90_4cl or later), as listed in Conectiva Linux Security Announcement CLSA-2003:702. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

Additional Information: Service Release 3.19
References:

RHSA-2003:187-25
Updated 2.4 kernel fixes vulnerabilities and driver bugs
https://rhn.redhat.com/errata/RHSA-2003-187.html

DSA-311-1
linux-kernel-2.4.18 -- several
http://www.debian.org/security/2003/dsa-311

DSA-312-1
kernel-patch-2.4.18-powerpc -- several
http://www.debian.org/security/2003/dsa-312

DSA-336-1
linux-kernel-2.2.20 -- several
http://www.debian.org/security/2003/dsa-336

DSA-332-1
linux-kernel-2.4.17 -- several
http://www.debian.org/security/2003/dsa-332

Turbolinux Security Advisory TLSA-2003-41
Multiple vulnerabilities in kernel
http://cc.turbolinux.com/security/TLSA-2003-41.txt

Conectiva Linux Security Announcement CLSA-2003:702
kernel
http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000701

RHSA-2003:190-25
Updated 2.4 kernel for pSeries and iSeries fixes vulnerabilities
https://rhn.redhat.com/errata/RHSA-2003-190.html

RHSA-2003:195-06
Updated kernel addresses security vulnerabilities
https://rhn.redhat.com/errata/RHSA-2003-195.html

RHSA-2003:198-16
Updated IA64 kernel packages fix security vulnerabilities
https://rhn.redhat.com/errata/RHSA-2003-198.html

Conectiva Linux Security Announcement CLSA-2003:796
kernel
http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000796

DSA-442-1
linux-kernel-2.4.17-s390 -- several vulnerabilities
http://www.debian.org/security/2004/dsa-442

ISS X-Force
Linux kernel hash table collision packets denial of service
http://www.iss.net/security_center/static/12160.php

CVE
CVE-2003-0364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0364

