Vulnerability Note VU#471084

Linux kernel IP stack incorrectly calculates size of an ICMP citation for ICMP errors

Original Release date: 09 Jun 2003 | Last revised: 14 Oct 2003


The Linux 2.0 kernel contains a vulnerability in the way it processes ICMP errors. This could lead to portions of memory being leaked to a malicious user.


The Linux 2.0 kernel (versions 2.0 through 2.0.39 inclusive) contains an error in the calculation of the size for an ICMP citation. A citation is created for ICMP error responses. This miscalculation may lead to random data stored in memory being returned in the response.

This vulnerability could be used by an attacker to gain sensitive information about the system, which may aid in an attack.


Sensitive information may be leaked to an attacker.


Upgrade or apply a patch as necessary. Please see the vendor Section to determine if your product is vulnerable.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
WatchGuardAffected-14 Oct 2003
Check PointNot Affected-03 Jun 2003
ClavisterNot Affected-03 Jun 2003
FujitsuNot Affected-26 Jun 2003
HitachiNot Affected-11 Jun 2003
Ingrian NetworksNot Affected-03 Jun 2003
NetscreenNot Affected-03 Jun 2003
NovellNot Affected-03 Jun 2003
Secure Computing CorporationNot Affected-26 Jun 2003
StonesoftNot Affected-03 Jun 2003
Sun Microsystems Inc.Not Affected-03 Jun 2003
Symantec CorporationNot Affected-03 Jun 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



Thanks to Philippe Biondi of Cartel S e curity for reporting this vulnerability.

This document was written by Jason A Rafail.

Other Information

  • CVE IDs: Unknown
  • Date Public: 09 Jun 2003
  • Date First Published: 09 Jun 2003
  • Date Last Updated: 14 Oct 2003
  • Severity Metric: 1.37
  • Document Revision: 5


If you have feedback, comments, or additional information about this vulnerability, please send us email.