Candidate: CVE-2004-1137
References:
 VULNWATCH:20041214 Linux kernel IGMP vulnerabilities
 BUGTRAQ:20041214 Linux kernel IGMP vulnerabilities
 MISC:http://isec.pl/vulnerabilities/isec-0018-igmp.txt
 CONECTIVA:CLA-2005:930
 URL:http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
 FEDORA:FLSA:2336
 URL:https://bugzilla.fedora.us/show_bug.cgi?id=2336
 MANDRAKE:MDKSA-2005:022
 URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022
 REDHAT:RHSA-2005:092
 URL:http://www.redhat.com/support/errata/RHSA-2005-092.html
 BUGTRAQ:20041214 [USN-38-1] Linux kernel vulnerabilities
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110306397320336&w=2
 XF:linux-igmpmarksources-dos(18482)
 URL:http://xforce.iss.net/xforce/xfdb/18482
 XF:linux-ipmcsource-code-execution(18481)
 URL:http://xforce.iss.net/xforce/xfdb/18481
Description:
 Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to
 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial
 of service or execute arbitrary code via (1) the ip_mc_source function, which
 decrements a counter to -1, or (2) the igmp_marksources function, which does
 not properly validate IGMP message parameters and performs an out-of-bounds
 read.
Notes:
Bugs:
upstream:
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-11) [igmp-src-list-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-7) [117-igmp-source-filter-fixes.patch]
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
2.4.18-woody-security-hppa: