Vigil@nce: Linux Kernel, denial of service via rt6_fill_node
August 2008 by Vigil@nce
SYNTHESIS
A local attacker can use maliciously the "rt6_fill_node" function
in order to generate a denial of service.
Gravity: 1/4
Consequences: denial of service of computer
Provenance: user account
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 25/08/2008
Identifier: VIGILANCE-VUL-8048
IMPACTED PRODUCTS
– Linux kernel [confidential versions]
DESCRIPTION
IPv6 is the IPv4 successor, this protocol is implemented in Linux
Kernel.
Files defining IPv6 are in the "net/ipv6/" directory.
The "rt6_fill_node" function is defined in the "net/ipv6/route.c"
file at line 2055.
A NULL-pointer dereference error has been detected in this
function. If the default route IPv6 option is configured in the
kernel, so an attacker will be able to use this error to create a
denial of service (Kernel Panic).
CHARACTERISTICS
Identifiers: CVE-2008-3686, VIGILANCE-VUL-8048