CVE-1999-0804

Linux Kernel 2.2.x - Denial of Service via Malformed ICMP Packets

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0804. PoCs published by Piotr Wilkin.

AI-analyzed exploit summary This exploit targets a Linux Kernel IPv4 option processing vulnerability (CVE-1999-0804) by sending malformed ICMP packets to trigger a double-free in the kernel, leading to a system crash. It crafts raw IP packets with randomized fields and sends them repeatedly to the target.

Description

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Piotr Wilkin · cdoslinux

https://www.exploit-db.com/exploits/19241

View Code ZIP pw:eip

This exploit targets a Linux Kernel IPv4 option processing vulnerability (CVE-1999-0804) by sending malformed ICMP packets to trigger a double-free in the kernel, leading to a system crash. It crafts raw IP packets with randomized fields and sends them repeatedly to the target.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux Kernel (Sparc architecture, Debian 2.1)

No auth needed

Prerequisites: Raw socket permissions · Network access to target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/302

Scores

EPSS 0.0564

EPSS Percentile 92.0%

Details

Status published

Products (4)

debian/debian_linux 2.1

linux/linux_kernel 2.2.0

redhat/linux 6.0

suse/suse_linux 6.1

Published Jun 01, 1999

Tracked Since Feb 18, 2026