QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0778

Published: Mar 12, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c0ecc4c4f8fd90988aab8a95297b9c0038b6160

x_refsource_CONFIRM

http://www.vmware.com/security/advisories/VMSA-2009-0016.html

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:10215

vdb-entry

signature

x_refsource_OVAL

20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

mailing-list

x_refsource_BUGTRAQ

oval:org.mitre.oval:def:7867

vdb-entry

signature

x_refsource_OVAL

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25

x_refsource_CONFIRM

[oss-security] 20090311 CVE-2009-0778 kernel: rt_cache leak

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_SECTRACK

linux-kernel-rtcache-dos(49199)

vdb-entry

x_refsource_XF

https://bugzilla.redhat.com/show_bug.cgi?id=485163

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.