DescriptionThe ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
Note from the SUSE Security TeamThis bug was introduced in Linux kernel 2.6.35, so only openSUSE 11.4 is affected by this issue. Older versions of openSUSE and SUSE Linux Enterprise 9 to 11 are not affected. SUSE Bugzilla entry: 694498 [RESOLVED / FIXED] SUSE Security Advisories:
- openSUSE-SU-2011:0860-1, published Tue, 2 Aug 2011 14:08:17 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 11.4|| |
|openSUSE 11.4|| ||Patchnames: