CVE: CAN-2003-0244
Updated: Tue, 06 Jul 2004 14:34:07 +0900
Summary: The route cache implementation in Linux 2.4, and the Netfilter IP
         conntrack module, allows remote attackers to cause a denial of 
	 service (CPU consumption) via packets with forged source addresses 
	 that cause a large number of hash table collisions. 
	 (text:CAN-2003-0244)
Priority: High
Status: Closed
Source: RHSA-2003:172-27, DSA-311-1
Link:  http://www.ultramonkey.org/news_archive.shtml#2003060500
       http://www.ultramonkey.org/news_archive.shtml#2003080601
Resolved In:
  Kernel: 2.4.21-rc2
  Patch:  http://linux.bkbits.net:8080/linux-2.4/cset@1.930.118.2??nav=index.html
  Red Hat Linux 7.3:
          Vendor:      kernel-2.4.20-13.7
          UltraMonkey: kernel-2.4.20-18.7.um.1
  Red Hat Linux 8.0:
          Vendor:      kernel-2.4.20-13.8
          UltraMonkey: kernel-2.4.20-18.8.um.1
  Red Hat Linux 9:
          Vendor:      kernel-2.4.20-13.9
          UltraMonkey: kernel-2.4.20-19.9.um.1 (initial release)
  Fedora Core 1:
            Vendor:      (Not Vulnerable >=2.4.21-rc2)
          UltraMonkey: (Not Vulnerable >=2.4.21-rc2)
  Red Hat Enterprise Linux 3:
          Vendor:      (Not Vulnerable >=2.4.21-rc2)
          UltraMonkey: (Not Vulnerable >=2.4.21-rc2)
  Debian Woody:
          Vendor:      kernel-source-2.4.18_2.4.18-8
          UltraMonkey: kernel-source-2.4.20_2.4.20-11
  Debian Sid:
          Vendor:      kernel-source-2.4.20_2.4.20-7
          UltraMonkey: kernel-source-2.4.20_2.4.20-11