Linux SCTP ICMP Packet Handling Null Dereference Remote DoS
High Nessus Plugin ID 19777
Synopsis
It is possible to crash the remote host by sending it malformed ICMP packets.
Description
Linux kernels older than version 2.6.13 contain a bug that may allow an attacker to cause a NULL pointer dereference by sending malformed ICMP packets, thus resulting in a kernel panic.
This flaw is present only if SCTP support is enabled on the remote host.
An attacker can use this to make this host crash continuously, thus preventing legitimate users from using it.
Solution
Upgrade to Linux 2.6.13 or newer, or disable SCTP support.
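
A host-side check for the two conditions named above (kernel older than 2.6.13, SCTP support active), as an added example that is not part of the plugin. The function names and the overridable /proc root are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: local triage for the condition described in this advisory.
# Caveat: vendor kernels may carry a backported fix under an older version
# number, so an "affected" verdict is a prompt to check the vendor advisory.

# Return 0 if the kernel release string is older than 2.6.13.
kernel_is_affected() {
    ver=${1%%[!0-9.]*}              # "2.6.12-1-686" -> "2.6.12"
    old_ifs=$IFS; IFS=.
    set -- $ver                     # split into major / minor / patch
    IFS=$old_ifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    [ "$maj" -ne 2 ] && { [ "$maj" -lt 2 ]; return; }
    [ "$min" -ne 6 ] && { [ "$min" -lt 6 ]; return; }
    [ "$pat" -lt 13 ]
}

# Return 0 if SCTP is active: built in or loaded (the /proc/net/sctp
# directory exists), or listed in /proc/modules. An installed but unloaded
# module is reported as inactive, although it can still be loaded later.
sctp_enabled() {
    root=${1:-/proc}
    [ -d "$root/net/sctp" ] && return 0
    [ -r "$root/modules" ] && grep -q '^sctp ' "$root/modules"
}

# Print one verdict for a release string and an optional /proc root.
check_host() {
    if ! kernel_is_affected "$1"; then
        echo "not-affected"
    elif sctp_enabled "${2:-/proc}"; then
        echo "affected"
    else
        echo "affected-kernel-sctp-inactive"
    fi
}

check_host "$(uname -r)"
```
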