Background Print only logo
Cert logo
suomeksi | på svenska
Home Page | Advice | Reports | Activities |


P.O. Box 313
FI-00181 Helsinki
Phone: +358 295 390 230 (lnf/mcf)

PGP keys

Finnish Communications Regulatory Authority (FICORA):

Itämerenkatu 3 A
P. O. Box 313
Phone: +358 259 390 100 (lnf/mcf)

Detailed contact information

Home Page > Reports > 2010 > CERT-FI Advisory on Linux IPv6 Jumbogram handling

CERT-FI Advisory on Linux IPv6 Jumbogram handling

Target - servers and server applications
- workstations and end user applications
- network devices
- embedded systems
- mobile devices
- other

Access Vector - remote

Impact - potential code execution
- denial of service

Remediation - fix provided by vendor
- workaround


A vulnerability regarding the handling of IPv6 jumbograms has been found in the Linux kernel. The vulnerability allows a remote attacker to cause a Denial of Service by sending single IPv6 jumbogram with invalid contents to a vulnerable system. The vulnerability affects only kernels built with network namespaces enabled.

CERT-FI coordinated the remediation effort of the vulnerability.

Vulnerability Coordination Information and Acknowledgements

CERT-FI has coordinated the release of this vulnerability between the vulnerability researcher and the affected vendors. CERT-FI would like to thank Olli Jarva and Tuomo Untinen from the CROSS project at Codenomicon Oy and the vendors for co-operation in the remediation efforts.

Vendor Information

The vulnerable code is present in Linux kernel tree since Oct 8 2008. Linux distributions running kernels based on upstream kernel after Oct 8 2008 or kernels based on 2.6.31 or later may also be also affected. A git commit (2570a4f5428bcdb1077622342181755741e7fa60) to fix the vulnerability is available and has been merged to 2010-01-15 snapshot.


Once available, install either a fixed version of the Linux kernel or a the fixed version of the Linux kernel package provided by your distribution. The vulnerability can additionally be mitigated by disabling IPv6 support or by filtering IPv6 traffic.


Contact Information

CERT-FI Vulnerability Coordination can be contacted as follows:

Please quote the advisory reference [FICORA #341748] in the subject line

+358 9 6966 510
Monday - Friday 08:00 - 16:15 (EET: UTC+2)

Fax :
+358 9 6966 515

Vulnerability Coordination
P.O. Box 313
FI-00181 Helsinki

CERT-FI encourages those who wish to communicate via email to make use of our PGP key. The key is available at

The CERT-FI vulnerability coordination policy can be viewed at

Revision History:

21 Jan 2010, 14:57 UTC: Published

Page updated 22.07.2010   Print version Print version