GLSA-200407-12 : Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling

Medium Nessus Plugin ID 14545


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-200407-12 (Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling)

An attacker can utilize an erroneous data type in the IPTables TCP option handling code, which lies in an iterator. By making a TCP packet with a header length larger than 127 bytes, a negative integer would be implied in the iterator.
Impact :

By sending one malformed packet, the kernel could get stuck in a loop, consuming all of the CPU resources and rendering the machine useless, causing a Denial of Service. This vulnerability requires no local access.
Workaround :

If users do not use the netfilter functionality or do not use any ``--tcp-option'' rules they are not vulnerable to this exploit. Users that are may remove netfilter support from their kernel or may remove any ``--tcp-option'' rules they might be using. However, all users are urged to upgrade their kernels to patched versions.


Users are encouraged to upgrade to the latest available sources for their system:
# emerge sync # emerge -pv your-favorite-sources # emerge your-favorite-sources # # Follow usual procedure for compiling and installing a kernel.
# # If you use genkernel, run genkernel as you would do normally.

See Also

Plugin Details

Severity: Medium

ID: 14545

File Name: gentoo_GLSA-200407-12.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2004/08/30

Modified: 2015/04/13

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:aa-sources, p-cpe:/a:gentoo:linux:ck-sources, p-cpe:/a:gentoo:linux:development-sources, p-cpe:/a:gentoo:linux:gentoo-dev-sources, p-cpe:/a:gentoo:linux:hardened-dev-sources, p-cpe:/a:gentoo:linux:hppa-dev-sources, p-cpe:/a:gentoo:linux:mips-sources, p-cpe:/a:gentoo:linux:mm-sources, p-cpe:/a:gentoo:linux:pegasos-dev-sources, p-cpe:/a:gentoo:linux:rsbac-dev-sources, p-cpe:/a:gentoo:linux:uclinux-sources, p-cpe:/a:gentoo:linux:usermode-sources, p-cpe:/a:gentoo:linux:win4lin-sources, p-cpe:/a:gentoo:linux:xbox-sources, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 2004/07/14

Vulnerability Publication Date: 2004/06/30

Reference Information

CVE: CVE-2004-0626

OSVDB: 7316

GLSA: 200407-12