CVE-2006-0454

Publication date 7 February 2006

Last updated 24 July 2024

Ubuntu priority

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
linux-source-2.6.15	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-29.58
linux-source-2.6.17	7.04 feisty	Not in release
	6.10 edgy	Fixed 2.6.17.1-12.40
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-250-1
Linux kernel vulnerability
15 February 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-0454