Candidate: CVE-2009-0778
PublicDate: 2009-03-12 15:20:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0778
Description:
 The icmp_send function in net/ipv4/icmp.c in the Linux kernel before
 2.6.25, when configured as a router with a REJECT route, does not properly
 manage the Protocol Independent Destination Cache (aka DST) in some
 situations involving transmission of an ICMP Host Unreachable message,
 which allows remote attackers to cause a denial of service (connectivity
 outage) by sending a large series of packets to many destination IP
 addresses within this REJECT route, related to an "rt_cache leak."
Ubuntu-Description:
Notes:
 smb> The commit which (according to the commit message) introduced the problem was in v2.6.25-rc1, the fix in v2.6.25-rc8. So Dapper and Hardy are not affected.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: needs-triage
dapper_linux-source-2.6.15: not-affected
gutsy_linux-source-2.6.15: DNE
hardy_linux-source-2.6.15: DNE
intrepid_linux-source-2.6.15: DNE
jaunty_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux-source-2.6.22:
upstream_linux-source-2.6.22: needs-triage
dapper_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: needed (reached end-of-life)
hardy_linux-source-2.6.22: DNE
intrepid_linux-source-2.6.22: DNE
jaunty_linux-source-2.6.22: DNE
devel_linux-source-2.6.22: DNE

Patches_linux:
upstream_linux: needs-triage
dapper_linux: DNE
gutsy_linux: DNE
hardy_linux: not-affected
intrepid_linux: not-affected (2.6.27)
jaunty_linux: not-affected (2.6.28)
devel_linux: not-affected (2.6.28)