Bug#421595: Please disallow Routing Header Type 0 by default (CVE-2007-2242)
Package: linux-2.6
Severity: grave
Tags: security
The IPv6 protocol allows remote attackers to cause a denial of service via
crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network
amplification between two routers.
There was already a patch for 2.6.20.9
(010831ab8436dfd9304b203467566fb6b135c24f). Please apply this patch to all
debian kernels.
See:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.9
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2242
for more informations.
Thanks
Alex
--- System information. ---
Architecture: powerpc
Kernel: Linux 2.6.20-1-powerpc
Debian Release: lenny/sid
200 unstable debian.netcologne.de
Reply to: