CVE-2005-3809

NameCVE-2005-3809
DescriptionThe nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via an update message without private protocol information, which triggers a null dereference.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kernel-source-2.4.27sourcesarge(not affected)
kernel-source-2.6.8sourcesarge(not affected)
linux-2.6source(unstable)2.6.14-4medium

Notes

[sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code not present)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code not present)

Search for package or bug name: Reporting problems