Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2744

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-2744
Last Modified 21 Mar 2013 11:10:41
Published 09 Aug 2012 06:29:46
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2744

Summary

net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.33

  • Linux Kernel 2.6.33.1

  • Linux Kernel 2.6.33.10

  • Linux Kernel 2.6.33.11

  • Linux Kernel 2.6.33.12

  • Linux Kernel 2.6.33.13

  • Linux Kernel 2.6.33.14

  • Linux Kernel 2.6.33.15

  • Linux Kernel 2.6.33.16

  • Linux Kernel 2.6.33.17

  • Linux Kernel 2.6.33.18

  • Linux Kernel 2.6.33.19

  • Linux Kernel 2.6.33.2

  • Linux Kernel 2.6.33.20

  • Linux Kernel 2.6.33.3

  • Linux Kernel 2.6.33.4

  • Linux Kernel 2.6.33.5

  • Linux Kernel 2.6.33.6

  • Linux Kernel 2.6.33.7

  • Linux Kernel 2.6.33.8

  • Linux Kernel 2.6.33.9


References

CONFIRM - https://github.com/torvalds/linux/commit/9e2dcf72023d1447f09c47d77c99b0c49659e5ce

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=833402

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9e2dcf72023d1447f09c47d77c99b0c49659e5ce

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34

REDHAT - RHSA-2012:1148

REDHAT - RHSA-2012:1064

SECUNIA - 49928

BID - 54367

SECTRACK - 1027235

Related Patches

Novell SUSE 2012:8324 kernel security update for SLE 10 SP4 x86_64

Novell SUSE 2012:8325 kernel security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:53:35