CVE-2004-1137

Linux kernel 2.4.22-2.4.28 and 2.6.x-2.6.9 - Denial of Service and Remote Code Execution via IGMP Functionality

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1137. PoCs published by Paul Starzetz.

AI-analyzed exploit summary This exploit triggers a local denial-of-service (DoS) in Linux kernels by manipulating IGMP source filtering via repeated `IP_UNBLOCK_SOURCE` operations, causing a kernel crash. It leverages improper handling of source filter counts in the `igmp.c` implementation.

Description

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Paul Starzetz · cdoslinux
https://www.exploit-db.com/exploits/686

This exploit triggers a local denial-of-service (DoS) in Linux kernels by manipulating IGMP source filtering via repeated `IP_UNBLOCK_SOURCE` operations, causing a kernel crash. It leverages improper handling of source filter counts in the `igmp.c` implementation.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Linux kernel (versions affected by CVE-2004-1137)
No auth needed
Prerequisites: Local access to the target system · Ability to create raw sockets
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110306397320336&w=2
Issue Tracking vendor-advisory x_refsource_fedora
https://bugzilla.fedora.us/show_bug.cgi?id=2336
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11144
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2004_44_kernel.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-092.html
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
Various Sources x_refsource_misc
http://isec.pl/vulnerabilities/isec-0018-igmp.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18482
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18481

Scores

EPSS 0.2082
EPSS Percentile 97.2%

Details

Status published
Products (22)
linux/linux_kernel 2.4.0 (13 CPE variants)
linux/linux_kernel 2.4.1
linux/linux_kernel 2.4.2
linux/linux_kernel 2.4.3
linux/linux_kernel 2.4.4
linux/linux_kernel 2.4.5
linux/linux_kernel 2.4.6
linux/linux_kernel 2.4.7
linux/linux_kernel 2.4.8
linux/linux_kernel 2.4.9
... and 12 more
Published Jan 10, 2005
Tracked Since Feb 18, 2026