PT-2012-3357 · Linux+1 · Linux Kernel+1

Eugene Teo · Published 2012-04-17 · Updated 2023-02-13 · CVE-2012-1583

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 2.6.22

Description

The issue is a double free vulnerability in the xfrm6_tunnel_rcv function. Remote attackers can exploit it by sending crafted IPv6 packets, potentially causing a denial of service (panic) when the xfrm6_tunnel module is enabled.

Recommendations

For Linux kernel versions prior to 2.6.22, update to version 2.6.22 or later to resolve the issue. As a temporary workaround, consider disabling the xfrm6_tunnel module to minimize the risk of exploitation.

Exploit

Fix

DoS

Weakness Enumeration

Related identifiers

CVE-2012-1583
RHSA-2012:0480
RHSA-2012:0720
RHSA-2012_0480

Affected products

Linux Kernel
Red Hat