Red Hat Bugzilla – Bug 174347
CVE-2005-3848 dst_entry leak DoS
Last modified: 2014-06-18 04:28:43 EDT
This flaw affects 2.6 only, but affects RHEL4 due to the backport in ipsec.patch
+++ This bug was initially created as a clone of Bug #174345 +++
CVE-2005-3848 dst_entry leak
Memory leak in the icmp_push_reply function in Linux 2.6
before 18.104.22.168 and 2.6.13 allows remote attackers to cause a
denial of service (memory consumption) via a large number of
crafted packets that cause the ip_append_data function to
fail, aka "DST leak in icmp_push_reply."
fixed upstream in 2.6.13. Patch:
A fix for this problem has just been committed to the RHEL3 E7
patch pool this evening (in kernel version 2.4.21-37.0.1.EL).
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
A fix for this problem has also been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-39.EL).