CVE-2003-0187

Published: 8/5/2003 Last updated: 8/8/2024 Reserved: 4/1/2003

The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
n/a	n/a	23.0 ap377412

References (4)

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:260
http://marc.info/?l=bugtraq&m=105986028426824&w=2
https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:260
http://marc.info/?l=bugtraq&m=105986028426824&w=2