PT-2012-6363 · Opensuse+4 · Opensuse Kernel-Ec2-Extra+5

Ben Hutchings

·

Publicado

1970-01-01

·

Atualizado

2024-06-15

·

CVE-2012-3412

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.2.30 openSUSE kernel-ec2-extra (affected versions not specified) openSUSE kernel-ec2-extra-debuginfo (affected versions not specified)
Description The issue allows remote attackers to cause a denial of service, potentially leading to a network-controller outage. This can be triggered via crafted TCP packets that exploit a small MSS value. Multiple vulnerabilities in the openSUSE kernel-ec2-extra and kernel-ec2-extra-debuginfo packages can also lead to disruption of protected information, with exploitation possible remotely.
Recommendations For Linux kernel versions prior to 3.2.30, update to version 3.2.30 or later to resolve the issue. For openSUSE kernel-ec2-extra, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For openSUSE kernel-ec2-extra-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

BDU:2015-05480
BDU:2015-05481
CESA-2012_1366
CVE-2012-3412
OPENSUSE-SU-2012_1330-1
OPENSUSE-SU-2013_0396-1
OPENSUSE-SU-2024:10128-1
RHSA-2012:1323
RHSA-2012:1347
RHSA-2012:1366
RHSA-2012:1375
RHSA-2012:1401
RHSA-2012:1430
RHSA-2012_1323
RHSA-2012_1366
SUSE-SU-2015:0481-1
SUSE-SU-2015:0652-1
SUSE-SU-2019:14051-1
SUSE-SU-2019_14051-1
USN-1260-1
USN-1567-1
USN-1568-1
USN-1572-1
USN-1573-1
USN-1574-1
USN-1575-1
USN-1577-1
USN-1578-1
USN-1579-1
USN-1580-1

Produtos afetados

Centos
Linux Kernel
Red Hat
Suse
Opensuse Kernel-Ec2-Extra
Opensuse Kernel-Ec2-Extra-Debuginfo