CVE-2004-0626

4 documents4 sources

Severity

5.0MEDIUM

EPSS

1.7%

top 17.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Conectiva Linux Linux Linux Kernel Suse Suse Linux

Timeline

PublishedDec 6

Latest updateApr 29

Description

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDlinux/linux_kernel2.6.0

▶NVDconectiva/linux10

▶NVDsuse/suse_linux5 versions+4

Patches

Patch: distro.conectiva.com.br ↗Patch: lwn.net ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-hvfj-m7r2-j689: The tcp_find_option function of the netfilter subsystem in Linux kernel 2↗2022-04-29

▶

CVEList

CVE-2004-0626: The tcp_find_option function of the netfilter subsystem in Linux kernel 2↗2004-07-06

▶