PT-2013-1021 · Linux+4 · Linux Kernel+4

Prasad Pandit

Publicado

2013-02-28

Atualizado

2014-06-23

CVE-2013-0343

CVSS v2.0

3.2

Baixa

Vetor

AV:A/AC:H/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.8

Description The issue arises from the improper handling of IPv6 temporary address generation, allowing remote attackers to cause a denial of service and potentially obtain sensitive information. This can be achieved by sending specific ICMPv6 Router Advertisement messages to the router, which can disable the creation of temporary addresses.

Recommendations For Linux kernel versions prior to 3.8, consider disabling the ipv6 create tempaddr function as a temporary workaround until a patch is available. Restrict access to ICMPv6 Router Advertisement messages to minimize the risk of exploitation. Update to a version 3.8 or later to resolve the issue.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2013-1178

BDU:2014-00085

CESA-2013_1645

CVE-2013-0343

DSA-2906-1

MGASA-2013-0371

MGASA-2013-0372

MGASA-2013-0373

MGASA-2013-0374

MGASA-2013-0375

OPENSUSE-SU-2014_0204-1

RHSA-2013:1449

RHSA-2013:1490

RHSA-2013:1645

RHSA-2013_1449

RHSA-2013_1645

SUSE-SU-2014_0832-1

SUSE-SU-2015:0652-1

USN-1976-1

USN-1977-1

USN-2019-1

USN-2020-1

USN-2021-1

USN-2022-1

USN-2023-1

USN-2024-1

USN-2038-1

USN-2039-1

USN-2050-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2013-1021 · Linux+4 · Linux Kernel+4

CVE-2013-0343

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 335