MDKSA-2004:148

Package name

iproute2

Date

2004-12-13

Advisory ID

MDKSA-2004:148

Affected versions

9.2 amd64 , CS2.1 x86_64 , 10.0 amd64 , CS2.1 i586 , 10.0 i586 , 9.2 i586 , MNF8.2 i586

Problem description

Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack. The updated packages have been patched to prevent this problem.

Updated packages

9.2 amd64

 8eabf21a5800311960c1a0c624095dea  amd64/9.2/RPMS/iproute2-2.4.7-11.1.92mdk.amd64.rpm
8a514462f7df3790a83f3459529b570b  amd64/9.2/SRPMS/iproute2-2.4.7-11.1.92mdk.src.rpm

CS2.1 x86_64

 2c12ed5a57a03d3fc5817dbb82db9101  x86_64/corporate/2.1/RPMS/iproute2-2.4.7-4.2.C21mdk.x86_64.rpm
675c40d02db789e13254a2dabd246887  x86_64/corporate/2.1/SRPMS/iproute2-2.4.7-4.2.C21mdk.src.rpm

10.0 amd64

 0f077f6057ded8de93567b9f4381bb36  amd64/10.0/RPMS/iproute2-2.4.7-11.1.100mdk.amd64.rpm
44b2961ae2973264493bd34dbabd298f  amd64/10.0/SRPMS/iproute2-2.4.7-11.1.100mdk.src.rpm

CS2.1 i586

 40151a76e2858db11fa0222da80b07e7  corporate/2.1/RPMS/iproute2-2.4.7-4.2.C21mdk.i586.rpm
675c40d02db789e13254a2dabd246887  corporate/2.1/SRPMS/iproute2-2.4.7-4.2.C21mdk.src.rpm

10.0 i586

 290adad6e69300fa2781331090b9710f  10.0/RPMS/iproute2-2.4.7-11.1.100mdk.i586.rpm
44b2961ae2973264493bd34dbabd298f  10.0/SRPMS/iproute2-2.4.7-11.1.100mdk.src.rpm

9.2 i586

 bd787588ff4f13c7f01d1ff72468a58d  9.2/RPMS/iproute2-2.4.7-11.1.92mdk.i586.rpm
8a514462f7df3790a83f3459529b570b  9.2/SRPMS/iproute2-2.4.7-11.1.92mdk.src.rpm

MNF8.2 i586

 9db0dd8abc802c56b6d080267419c605  mnf8.2/RPMS/iproute2-2.2.4-13.1.M82mdk.i586.rpm
028f2565993c862fe24c862d536cec71  mnf8.2/SRPMS/iproute2-2.2.4-13.1.M82mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0856