CVE-2011-3188

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.1 ext4dev-kmp-trace (affected versions not specified)

Description The issue concerns the Linux kernel's IPv4 and IPv6 implementations, which use a modified MD4 algorithm. This makes it easier for remote attackers to disrupt networking or hijack network sessions by predicting sequence numbers and Fragment Identification values and sending crafted packets. Additionally, multiple vulnerabilities in the ext4dev-kmp-trace package of SUSE Linux Enterprise may lead to a disruption of protected information availability, exploitable remotely.

Recommendations For Linux kernel versions prior to 3.1, update to version 3.1 or later to resolve the issue. For ext4dev-kmp-trace, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2015-04359

CVE-2011-3188

DSA-2303-1

DSA-2310-1

RHSA-2011:1386

RHSA-2011:1419

RHSA-2011:1465

RHSA-2011_1386

RHSA-2011_1465

RHSA-2012:0010

Affected Products

Linux Kernel

Red Hat

Ext4Dev-Kmp-Trace

CVE-2011-3188

Weakness Enumeration

Related Identifiers

Affected Products

References · 14