Vigil@nce - Linux kernel: denial of service via Interface IPv4 Addresses
March 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can add/remove numerous IPv4 addresses on a
network interface of the Linux kernel, in order to trigger a
denial of service.
– Impacted products: Fedora, Linux.
– Severity: 1/4.
– Creation date: 15/03/2016.
DESCRIPTION OF THE VULNERABILITY
A network interface can have several IPv4 addresses.
However, when an IPv4 address is removed from the interface,
useless operations are performed. With several thousand addresses,
these operations can last more than one hour.
A local attacker can therefore add/remove numerous IPv4 addresses
on a network interface of the Linux kernel, in order to trigger a
denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-Interface-IPv4-Addresses-19174