PT-2012-6363 · Opensuse+4 · Opensuse Kernel-Ec2-Extra+5

Ben Hutchings

·

Published

1970-01-01

·

Updated

2024-06-15

·

CVE-2012-3412

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.2.30 openSUSE kernel-ec2-extra (affected versions not specified) openSUSE kernel-ec2-extra-debuginfo (affected versions not specified)
Description The issue allows remote attackers to cause a denial of service, potentially leading to a network-controller outage. This can be triggered via crafted TCP packets that exploit a small MSS value. Multiple vulnerabilities in the openSUSE kernel-ec2-extra and kernel-ec2-extra-debuginfo packages can also lead to disruption of protected information, with exploitation possible remotely.
Recommendations For Linux kernel versions prior to 3.2.30, update to version 3.2.30 or later to resolve the issue. For openSUSE kernel-ec2-extra, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For openSUSE kernel-ec2-extra-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

BDU:2015-05480
BDU:2015-05481
CESA-2012_1366
CVE-2012-3412
OPENSUSE-SU-2012_1330-1
OPENSUSE-SU-2013_0396-1
OPENSUSE-SU-2024:10128-1
RHSA-2012:1323
RHSA-2012:1347
RHSA-2012:1366
RHSA-2012:1375
RHSA-2012:1401
RHSA-2012:1430
RHSA-2012_1323
RHSA-2012_1366
SUSE-SU-2015:0481-1
SUSE-SU-2015:0652-1
SUSE-SU-2019:14051-1
SUSE-SU-2019_14051-1
USN-1260-1
USN-1567-1
USN-1568-1
USN-1572-1
USN-1573-1
USN-1574-1
USN-1575-1
USN-1577-1
USN-1578-1
USN-1579-1
USN-1580-1

Affected Products

Centos
Linux Kernel
Red Hat
Suse
Opensuse Kernel-Ec2-Extra
Opensuse Kernel-Ec2-Extra-Debuginfo