Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4565

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2012-4565
Last Modified 21 Aug 2013 11:58:39
Published 21 Dec 2012 06:47:36
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4565

Summary

The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.

Vulnerable Systems

Operating System

  • Linux Kernel 3.4.1

  • Linux Kernel 3.4.10

  • Linux Kernel 3.4.11

  • Linux Kernel 3.4.12

  • Linux Kernel 3.4.13

  • Linux Kernel 3.4.14

  • Linux Kernel 3.4.15

  • Linux Kernel 3.4.16

  • Linux Kernel 3.4.17

  • Linux Kernel 3.4.18

  • Linux Kernel 3.4.2

  • Linux Kernel 3.4.3

  • Linux Kernel 3.4.4

  • Linux Kernel 3.4.5

  • Linux Kernel 3.4.6

  • Linux Kernel 3.4.7

  • Linux Kernel 3.4.8

  • Linux Kernel 3.4.9


References

CONFIRM - https://github.com/torvalds/linux/commit/8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=871848

MLIST - [oss-security] 20121031 Re: CVE Request -- kernel: net: divide by zero in tcp algorithm illinois

CONFIRM - http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.19

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664

UBUNTU - USN-1649-1

UBUNTU - USN-1648-1

UBUNTU - USN-1647-1

UBUNTU - USN-1646-1

UBUNTU - USN-1644-1

UBUNTU - USN-1652-1

UBUNTU - USN-1645-1

REDHAT - RHSA-2012:1580

UBUNTU - USN-1651-1

UBUNTU - USN-1650-1

BID - 56346

SECUNIA - 51409

FEDORA - FEDORA-2012-17479

Related Patches

Novell SUSE 2013:7273 kernel security update for SLE 11 SP2 i586

Novell SUSE 2013:7277 kernel security update for SLE 11 SP2 x86_64


Last Updated: 27 May 2016 10:53:46