CERT-FI Advisory on Linux IPv6 Jumbogram handling

Target:
- servers and server applications
- workstations and end user applications
- network devices
- embedded systems
- mobile devices
- other

Access Vector:
- remote

Impact:
- potential code execution
- denial of service

Remediation:
- fix provided by vendor
- workaround

Details

A vulnerability in the handling of IPv6 jumbograms has been found in the Linux kernel. The vulnerability allows a remote attacker to cause a Denial of Service by sending a single IPv6 jumbogram with invalid contents to a vulnerable system. The vulnerability affects only kernels built with network namespaces enabled.

CERT-FI coordinated the remediation effort of the vulnerability.

Vulnerability Coordination Information and Acknowledgements

CERT-FI has coordinated the release of this vulnerability between the vulnerability researcher and the affected vendors. CERT-FI would like to thank Olli Jarva and Tuomo Untinen from the CROSS project at Codenomicon Oy and the vendors for their co-operation in the remediation efforts.

Vendor Information

The vulnerable code has been present in the Linux kernel tree since Oct 8 2008. Linux distributions running kernels based on the upstream kernel after Oct 8 2008, or kernels based on 2.6.31 or later, may also be affected. A git commit (2570a4f5428bcdb1077622342181755741e7fa60) that fixes the vulnerability is available and has been merged into the 2010-01-15 snapshot.


Remediation

Once available, install either a fixed version of the Linux kernel or the fixed version of the Linux kernel package provided by your distribution. The vulnerability can additionally be mitigated by disabling IPv6 support or by filtering IPv6 traffic.
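
As an added illustration of the filtering mitigation (this is not CERT-FI's or the kernel's code), the C function below shows how a monitoring or filtering tool could recognise IPv6 jumbograms and check them against the consistency rules of RFC 2675. The advisory does not state which malformation triggers the bug, so the checks are generic; the function, enum and sample names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

enum jumbo_verdict { NOT_JUMBO, JUMBO_OK, JUMBO_INVALID, MALFORMED };

#define IPV6_HDR_LEN 40
#define NEXTHDR_HOP  0      /* Hop-by-Hop Options header */
#define OPT_PAD1     0x00
#define OPT_JUMBO    0xC2   /* Jumbo Payload option (RFC 2675) */

/* p/caplen: captured bytes from the IPv6 header on; wire_len: on-wire packet length. */
enum jumbo_verdict check_jumbo(const uint8_t *p, size_t caplen, size_t wire_len)
{
    if (caplen < IPV6_HDR_LEN || wire_len < caplen || (p[0] >> 4) != 6)
        return MALFORMED;
    if (p[6] != NEXTHDR_HOP)          /* the option is only defined inside Hop-by-Hop */
        return NOT_JUMBO;
    if (caplen < IPV6_HDR_LEN + 8)
        return MALFORMED;
    uint16_t payload_len = (uint16_t)(p[4] << 8 | p[5]);
    size_t end = IPV6_HDR_LEN + ((size_t)p[41] + 1) * 8;  /* Hdr Ext Len: 8-octet units, minus 1 */
    if (end > caplen)
        return MALFORMED;
    for (size_t off = IPV6_HDR_LEN + 2; off < end; ) {
        if (p[off] == OPT_PAD1) { off++; continue; }
        if (off + 2 > end || off + 2 + p[off + 1] > end)
            return MALFORMED;         /* option header or data runs past the header */
        if (p[off] == OPT_JUMBO) {
            if (p[off + 1] != 4)
                return JUMBO_INVALID;
            uint32_t jlen = (uint32_t)p[off + 2] << 24 | (uint32_t)p[off + 3] << 16 |
                            (uint32_t)p[off + 4] << 8  | p[off + 5];
            /* RFC 2675: Payload Length must be 0 and the jumbo length above 65,535;
               the claimed length must also match what was on the wire. */
            if (payload_len != 0 || jlen <= 65535 || jlen != wire_len - IPV6_HDR_LEN)
                return JUMBO_INVALID;
            return JUMBO_OK;
        }
        off += 2 + (size_t)p[off + 1];
    }
    return NOT_JUMBO;
}

/* Constructed sample: IPv6 header (zero addresses) plus an 8-octet Hop-by-Hop
   header whose Jumbo option claims 0x00011170 = 70000 octets after the header. */
static const uint8_t sample_hdr[48] = {
    [0] = 0x60, [6] = NEXTHDR_HOP, [7] = 64, [40] = 59 /* No Next Header */,
    [42] = OPT_JUMBO, [43] = 4, [45] = 0x01, [46] = 0x11, [47] = 0x70,
};
```

A packet that returns JUMBO_INVALID or MALFORMED is a candidate for dropping or logging at a filter; on links whose MTU cannot carry jumbograms, JUMBO_OK packets are not expected either.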

Contact Information

CERT-FI Vulnerability Coordination can be contacted as follows:

Email:
vulncoord@ficora.fi
Please quote the advisory reference [FICORA #341748] in the subject line

Telephone:
+358 9 6966 510
Monday - Friday 08:00 - 16:15 (EET: UTC+2)

Fax:
+358 9 6966 515

Post:
Vulnerability Coordination
FICORA/CERT-FI
P.O. Box 313
FI-00181 Helsinki
FINLAND

CERT-FI encourages those who wish to communicate via email to make use of our PGP key. The key is available at
https://www.cert.fi/en/activities/contact/pgp-keys.html

The CERT-FI vulnerability coordination policy can be viewed at https://www.cert.fi/en/activities/Vulncoord/vulncoord-policy.html.

Revision History:

21 Jan 2010, 14:57 UTC: Published

Page updated 22.07.2010