CVE-2009-0778

high VMware
CVSS v3 Base Score
7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS Score
1.5%
Exploitation probability in 30 days
Top 19% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
C
Published: March 12, 2009 (6272 days ago)
Last Modified: April 23, 2026
Vendor: VMware
Source: NVD

Description

The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak."

CWE

NVD-CWE-Other

Affected Products

linux linux kernelvmware vcentervmware virtualcentervmware servervmware esxvmware vma

References

🔗 git.kernel.org 🔗 openwall.com 🔗 secunia.com 🔗 secunia.com 🔗 www.kernel.org