Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.0
CVE Id: CVE-2012-4444
Last Modified: 14 Jun 2013 11:15:54
Published: 21 Dec 2012 06:47:36
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2012-4444

Summary

The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.30

  • Linux Kernel 2.6.30.1

  • Linux Kernel 2.6.30.10

  • Linux Kernel 2.6.30.2

  • Linux Kernel 2.6.30.3

  • Linux Kernel 2.6.30.4

  • Linux Kernel 2.6.30.5

  • Linux Kernel 2.6.30.6

  • Linux Kernel 2.6.30.7

  • Linux Kernel 2.6.30.8

  • Linux Kernel 2.6.30.9

  • Linux Kernel 2.6.31

  • Linux Kernel 2.6.31-rc10

  • Linux Kernel 2.6.31-rc2

  • Linux Kernel 2.6.31-rc3

  • Linux Kernel 2.6.31-rc4

  • Linux Kernel 2.6.31-rc5

  • Linux Kernel 2.6.31-rc6

  • Linux Kernel 2.6.31-rc7

  • Linux Kernel 2.6.31-rc8

  • Linux Kernel 2.6.31-rc9

  • Linux Kernel 2.6.31.1

  • Linux Kernel 2.6.31.10

  • Linux Kernel 2.6.31.11

  • Linux Kernel 2.6.31.12

  • Linux Kernel 2.6.31.13

  • Linux Kernel 2.6.31.14

  • Linux Kernel 2.6.31.2

  • Linux Kernel 2.6.31.3

  • Linux Kernel 2.6.31.4

  • Linux Kernel 2.6.31.5

  • Linux Kernel 2.6.31.6

  • Linux Kernel 2.6.31.7

  • Linux Kernel 2.6.31.8

  • Linux Kernel 2.6.31.9

  • Linux Kernel 2.6.32

  • Linux Kernel 2.6.32.1

  • Linux Kernel 2.6.32.10

  • Linux Kernel 2.6.32.11

  • Linux Kernel 2.6.32.12

  • Linux Kernel 2.6.32.13

  • Linux Kernel 2.6.32.14

  • Linux Kernel 2.6.32.15

  • Linux Kernel 2.6.32.16

  • Linux Kernel 2.6.32.17

  • Linux Kernel 2.6.32.18

  • Linux Kernel 2.6.32.19

  • Linux Kernel 2.6.32.2

  • Linux Kernel 2.6.32.20

  • Linux Kernel 2.6.32.21

  • Linux Kernel 2.6.32.22

  • Linux Kernel 2.6.32.23

  • Linux Kernel 2.6.32.24

  • Linux Kernel 2.6.32.25

  • Linux Kernel 2.6.32.26

  • Linux Kernel 2.6.32.27

  • Linux Kernel 2.6.32.28

  • Linux Kernel 2.6.32.29

  • Linux Kernel 2.6.32.3

  • Linux Kernel 2.6.32.30

  • Linux Kernel 2.6.32.31

  • Linux Kernel 2.6.32.32

  • Linux Kernel 2.6.32.33

  • Linux Kernel 2.6.32.34

  • Linux Kernel 2.6.32.35

  • Linux Kernel 2.6.32.36

  • Linux Kernel 2.6.32.37

  • Linux Kernel 2.6.32.38

  • Linux Kernel 2.6.32.39

  • Linux Kernel 2.6.32.4

  • Linux Kernel 2.6.32.40

  • Linux Kernel 2.6.32.41

  • Linux Kernel 2.6.32.42

  • Linux Kernel 2.6.32.43

  • Linux Kernel 2.6.32.44

  • Linux Kernel 2.6.32.45

  • Linux Kernel 2.6.32.46

  • Linux Kernel 2.6.32.47

  • Linux Kernel 2.6.32.48

  • Linux Kernel 2.6.32.49

  • Linux Kernel 2.6.32.5

  • Linux Kernel 2.6.32.50

  • Linux Kernel 2.6.32.51

  • Linux Kernel 2.6.32.52

  • Linux Kernel 2.6.32.53

  • Linux Kernel 2.6.32.54

  • Linux Kernel 2.6.32.55

  • Linux Kernel 2.6.32.56

  • Linux Kernel 2.6.32.57

  • Linux Kernel 2.6.32.58

  • Linux Kernel 2.6.32.6

  • Linux Kernel 2.6.32.7

  • Linux Kernel 2.6.32.8

  • Linux Kernel 2.6.32.9

  • Linux Kernel 2.6.33

  • Linux Kernel 2.6.33.1

  • Linux Kernel 2.6.33.10

  • Linux Kernel 2.6.33.11

  • Linux Kernel 2.6.33.12

  • Linux Kernel 2.6.33.13

  • Linux Kernel 2.6.33.14

  • Linux Kernel 2.6.33.15

  • Linux Kernel 2.6.33.16

  • Linux Kernel 2.6.33.17

  • Linux Kernel 2.6.33.18

  • Linux Kernel 2.6.33.19

  • Linux Kernel 2.6.33.2

  • Linux Kernel 2.6.33.20

  • Linux Kernel 2.6.33.3

  • Linux Kernel 2.6.33.4

  • Linux Kernel 2.6.33.5

  • Linux Kernel 2.6.33.6

  • Linux Kernel 2.6.33.7

  • Linux Kernel 2.6.33.8

  • Linux Kernel 2.6.33.9

  • Linux Kernel 2.6.34

  • Linux Kernel 2.6.34.1

  • Linux Kernel 2.6.34.10

  • Linux Kernel 2.6.34.2

  • Linux Kernel 2.6.34.3

  • Linux Kernel 2.6.34.4

  • Linux Kernel 2.6.34.5

  • Linux Kernel 2.6.34.6

  • Linux Kernel 2.6.34.7

  • Linux Kernel 2.6.34.8

  • Linux Kernel 2.6.34.9

  • Linux Kernel 2.6.35

  • Linux Kernel 2.6.35.1

  • Linux Kernel 2.6.35.10

  • Linux Kernel 2.6.35.11

  • Linux Kernel 2.6.35.12

  • Linux Kernel 2.6.35.13

  • Linux Kernel 2.6.35.2

  • Linux Kernel 2.6.35.3

  • Linux Kernel 2.6.35.4

  • Linux Kernel 2.6.35.5

  • Linux Kernel 2.6.35.6

  • Linux Kernel 2.6.35.7

  • Linux Kernel 2.6.35.8

  • Linux Kernel 2.6.35.9

  • Linux Kernel 2.6.36


References

CONFIRM - https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=874835

MISC - https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf

MLIST - [oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=70789d7052239992824628db8133de08dc78e593

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36

UBUNTU - USN-1661-1

UBUNTU - USN-1660-1

REDHAT - RHSA-2012:1580

SUSE - SUSE-SU-2013:0856

Related Patches

Red Hat 2013:0168-01 RHSA Moderate: kernel security and bug fix update for RHEL 5 x86


Last Updated: 27 May 2016 11:01:29