Gentoo Logo

iproute local Denial of Service vulnerability

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200404-10 /
Release Date April 09, 2004
Latest Revision April 09, 2004: 01
Impact low
Exploitable local
Package Vulnerable versions Unaffected versions Architecture(s)
sys-apps/iproute <= 20010824-r4 >= 20010824-r5 All supported architectures

Related bugreports: #34294

Synopsis

The iproute package allows local users to cause a denial of service.

2.  Impact Information

Background

iproute is a set of tools for managing linux network routing and advanced features.

Description

It has been reported that iproute can accept spoofed messages on the kernel netlink interface from local users. This could lead to a local Denial of Service condition.

Impact

Local users could cause a Denial of Service.

3.  Resolution Information

Workaround

A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.

Resolution

All iproute users should upgrade to version 20010824-r5 or later:

Code Listing 3.1: Resolution

# emerge sync
# emerge -pv ">=sys-apps/iproute-20010824-r5";
# emerge ">=sys-apps/iproute-20010824-r5";

4.  References

Print

Updated April 09, 2004

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Support OSL
Gentoo Centric Hosting: vr.org
Tek Alchemy
SevenL.net
Global Netoptex Inc.
Bytemark
Online Kredit Index
Copyright 2001-2009 Gentoo Foundation, Inc. Questions, Comments? Contact us.