CVE-2004-0626
published 2004-12-06CVE-2004-0626: The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a…
PriorityP417medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.76%
84.4th percentile
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| conectiva | linux | — | — |
| linux | linux_kernel | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-67c4-9qg5-5597: The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2
ghsa_unreviewed·2022-04-29·CVSS 5.0
CVE-2004-0592 [MEDIUM] GHSA-67c4-9qg5-5597: The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
GHSA
GHSA-hvfj-m7r2-j689: The tcp_find_option function of the netfilter subsystem in Linux kernel 2
ghsa_unreviewed·2022-04-29
CVE-2004-0626 [MEDIUM] GHSA-hvfj-m7r2-j689: The tcp_find_option function of the netfilter subsystem in Linux kernel 2
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852http://lwn.net/Articles/91964/http://marc.info/?l=bugtraq&m=108861141304495&w=2http://www.gentoo.org/security/en/glsa/glsa-200407-12.xmlhttp://www.novell.com/linux/security/advisories/2004_20_kernel.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/16554http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852http://lwn.net/Articles/91964/http://marc.info/?l=bugtraq&m=108861141304495&w=2http://www.gentoo.org/security/en/glsa/glsa-200407-12.xmlhttp://www.novell.com/linux/security/advisories/2004_20_kernel.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/16554
2004-12-06
Published