Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability

info
discussion
exploit
solution
references

Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability

The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted.

A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This results in a denial of service to legitimate users.

Versions prior to 2.6.20.8 are vulnerable.