Linux SCTP ICMP Packet Handling Null Dereference Remote DoS

high Nessus Plugin ID 19777

Synopsis

It is possible to crash the remote host by sending it malformed ICMP packets.

Description

Linux kernels older than version 2.6.13 contain a bug that may allow an attacker to cause a NULL pointer dereference by sending malformed ICMP packets, thus resulting in a kernel panic.

This flaw is present only if SCTP support is enabled on the remote host.

An attacker can use this to make this host crash continuously, thus preventing legitimate users from using it.

Solution

Ugprade to Linux 2.6.13 or newer, or disable SCTP support.

See Also

http://oss.sgi.com/projects/netdev/archive/2005-07/msg00140.html

Plugin Details

Severity: High

ID: 19777

File Name: linux_icmp_sctp_DoS.nasl

Version: 1.20

Type: remote

Published: 9/23/2005

Updated: 3/6/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/ParanoidReport