However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.
[5] In early implementations of TCP/IP, this bug is easy to exploit and can affect a wide variety of systems including Unix, Linux, Mac, Windows, and peripheral devices.
Devices produced after 1998 include defenses against such attacks,[specify] rendering them resilient to this specific threat.
However, in a notable development, a variant targeting IPv6 packets on Windows systems was identified, leading Microsoft to release a patch in mid-2013.
The underlying data link layer almost always poses limits to the maximum frame size (See MTU).
A malicious user can send an IP fragment with the maximum offset and with much more data than 8 bytes (as large as the physical layer allows it to be).
It is a problem in the reassembly process of IP fragments, which may contain any type of protocol (TCP, UDP, IGMP, etc.).
Windows TCP/IP stack did not handle memory allocation correctly when processing incoming malformed ICMPv6 packets, which could cause remote denial of service.