CVE-2005-2973

Linux Kernel < 2.6.14-rc5 - Denial of Service via UDPv6 Port Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2973. PoCs published by Rémi Denis-Courmont.

AI-analyzed exploit summary This exploit triggers a local denial-of-service vulnerability in the Linux kernel by causing an infinite loop when binding IPv6 UDP ports. It exhausts available ports and forces the kernel into an unresolvable state.

Description

The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rémi Denis-Courmont · cdoslinux

https://www.exploit-db.com/exploits/26382

View Code ZIP pw:eip

This exploit triggers a local denial-of-service vulnerability in the Linux kernel by causing an infinite loop when binding IPv6 UDP ports. It exhausts available ports and forces the kernel into an unresolvable state.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux Kernel < 2.6.14 with IPv6

No auth needed

Prerequisites: IPv6 enabled · Local access to the system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (34)

Core 34

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2006-0140.html

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2006-0493.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17917

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18684

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17261

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170772

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10041

Third Party Advisory, VDB Entry vendor-advisory x_refsource_suse

http://www.securityfocus.com/advisories/9806

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2006:040

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19369

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21745

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2006/dsa-1018

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19185

Third Party Advisory, VDB Entry vendor-advisory x_refsource_suse

http://www.securityfocus.com/archive/1/419522/100/0/threaded

Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora

http://www.securityfocus.com/archive/1/428058/100/0/threaded

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2005/2173

Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora

http://www.securityfocus.com/advisories/9555

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/219-1/

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2006-0190.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15156

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/20163

Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora

http://www.securityfocus.com/archive/1/428028/100/0/threaded

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17280

Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora

http://www.securityfocus.com/advisories/9549

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2006:072

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17918

Third Party Advisory, VDB Entry vendor-advisory x_refsource_fedora

http://www.securityfocus.com/archive/1/427980/100/0/threaded

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2006/dsa-1017

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20237

Various Sources x_refsource_confirm

http://linux.bkbits.net:8080/linux-2.6/cset%404342df67SNhRx_3FGhUrrU-FXLlQIA

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19374

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2006-0191.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18562

Scores

EPSS 0.0079

EPSS Percentile 51.4%

Details

Status published

Products (32)

linux/linux_kernel 2.6.0

linux/linux_kernel 2.6.1

linux/linux_kernel 2.6.2

linux/linux_kernel 2.6.3

linux/linux_kernel 2.6.4

linux/linux_kernel 2.6.5

linux/linux_kernel 2.6.6

linux/linux_kernel 2.6.7

linux/linux_kernel 2.6.8

linux/linux_kernel 2.6.8.1

... and 22 more

Published Oct 27, 2005

Tracked Since Feb 18, 2026