Linux Kernel ICMP_Send远程拒绝服务漏洞

CNNVD-ID编号	CNNVD-200602-080	CVE编号	CVE-2006-0454
发布时间	2006-02-07	更新时间	2006-04-28
漏洞类型	资源管理错误	漏洞来源	The vendor disclosed this issue.
危险等级	中危	威胁类型	远程
厂商	linux

漏洞介绍

Linux Kernel 2.6.12到2.6.15.3版本中，若icmp.c中的ip_options_echo功能故障，则无法正确在icmp_send中构建ICMP响应。远程攻击者可以借助向量，如设置了needaddr位以及具有截断值的(1) record-route和(2)IP时间戳选项，来造成拒绝服务(崩溃)。

漏洞补丁

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

S.u.S.E. Linux Professional 10.0

SuSE kernel-default-2.6.13-15.8.ppc.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2. 6.13-15.8.ppc.rpm

SuSE kernel-default-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -2.6.13-15.8.x86_64.rpm

SuSE kernel-default-nongpl-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default -nongpl-2.6.13-15.8.x86_64.rpm

SuSE kernel-iseries64-2.6.13-15.8.ppc.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-iseries64- 2.6.13-15.8.ppc.rpm

SuSE kernel-ppc64-2.6.13-15.8.ppc.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-ppc64-2.6. 13-15.8.ppc.rpm

SuSE kernel-smp-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-2.6 .13-15.8.x86_64.rpm

SuSE kernel-smp-nongpl-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-non gpl-2.6.13-15.8.x86_64.rpm

SuSE kernel-source-2.6.13-15.8.ppc.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-source-2.6 .13-15.8.ppc.rpm

SuSE kernel-source-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-source- 2.6.13-15.8.x86_64.rpm

SuSE kernel-syms-2.6.13-15.8.ppc.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-syms-2.6.1 3-15.8.ppc.rpm

SuSE kernel-syms-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-syms-2. 6.13-15.8.x86_64.rpm

SuSE kernel-xen-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-2.6 .13-15.8.x86_64.rpm

SuSE kernel-xen-nongpl-2.6.13-15.8.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-non gpl-2.6.13-15.8.x86_64.rpm

SuSE xen-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-3.0_8259-0 .1.x86_64.rpm

SuSE xen-devel-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-devel-3.0_ 8259-0.1.x86_64.rpm

SuSE xen-doc-html-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-html-3 .0_8259-0.1.x86_64.rpm

SuSE xen-doc-pdf-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-pdf-3. 0_8259-0.1.x86_64.rpm

SuSE xen-doc-ps-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-doc-ps-3.0 _8259-0.1.x86_64.rpm

SuSE xen-tools-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-3.0_ 8259-0.1.x86_64.rpm

SuSE xen-tools-ioemu-3.0_8259-0.1.x86_64.rpm

SUSE LINUX 10.0:

ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/xen-tools-ioem u-3.0_8259-0.1.x86_64.rpm

Linux kernel 2.6 -test6

Linux linux-2.6.15.3.tar.bz2