Vulnerability Description
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.0 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html
- http://marc.info/?l=bugtraq&m=105301461726555&w=2
- http://marc.info/?l=bugtraq&m=105595901923063&w=2
- http://marc.info/?l=linux-kernel&m=104956079213417
- http://www.debian.org/security/2003/dsa-311PatchVendor Advisory
- http://www.debian.org/security/2003/dsa-312
- http://www.debian.org/security/2003/dsa-332
- http://www.debian.org/security/2003/dsa-336
- http://www.debian.org/security/2004/dsa-442
- http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:066
- http://www.mandriva.com/security/advisories?name=MDKSA-2003:074
- http://www.redhat.com/support/errata/RHSA-2003-145.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-147.html
- http://www.redhat.com/support/errata/RHSA-2003-172.html
FAQ
What is CVE-2003-0244?
CVE-2003-0244 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that...
How severe is CVE-2003-0244?
CVE-2003-0244 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0244?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.