N/A

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.

N/A

N/A

Linux kernel ‘fib6_add_rt2node’函数安全漏洞

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.10.1及之前的版本中的IPv6栈中的net/ipv6/ip6_fib.c中的‘fib6_add_rt2node’函数中存在漏洞，该漏洞源于在ECMP路由集中初始即获得集员资格的三个路由路径前两个路由中一个发生变化的情况下，程序没有正确地处理Router Advertisement (RA)消息。远程攻击者可通过发送

N/A

N/A