#VU95654 Loop with unreachable exit condition ('infinite loop') in Linux kernel - CVE-2004-0626

Cybersecurity Help s.r.o.

Published: 2004-12-06 | Updated: 2017-07-11

Vulnerability identifier: #VU95654

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2004-0626

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852
https://lwn.net/Articles/91964/
https://marc.info/?l=bugtraq&m=108861141304495&w=2
https://www.gentoo.org/security/en/glsa/glsa-200407-12.xml
https://www.novell.com/linux/security/advisories/2004_20_kernel.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16554

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Loop with unreachable exit condition ('infinite loop') in Linux kernel