blob: cb59725fa9cdee815b462183a92b7d8bafd8f871 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200404-10">
<title>iproute local Denial of Service vulnerability</title>
The iproute package allows local users to cause a denial of service.
<product type="ebuild"></product>
<announced>April 09, 2004</announced>
<revised>April 09, 2004: 01</revised>
<package name="sys-apps/iproute" auto="yes" arch="*">
<unaffected range="ge">20010824-r5</unaffected>
<vulnerable range="le">20010824-r4</vulnerable>
iproute is a set of tools for managing linux network routing and advanced
It has been reported that iproute can accept spoofed messages on the kernel
netlink interface from local users. This could lead to a local Denial of
Service condition.
<impact type="low">
Local users could cause a Denial of Service.
A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package.
All iproute users should upgrade to version 20010824-r5 or later:
# emerge sync
# emerge -pv ">=sys-apps/iproute-20010824-r5";
# emerge ">=sys-apps/iproute-20010824-r5";
<uri link="">CAN-2003-0856</uri>
<metadata tag="submitter">