Описание
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Отчет
This issue did not affect the Linux kernel as shipped with Red Hat Enterprise MRG as it has backported the fix that addresses this issue. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates. This has been addressed in Red Hat Enterprise Linux 5 and 6 via https://rhn.redhat.com/errata/RHSA-2011-1386.html and https://rhn.redhat.com/errata/RHSA-2011-1465.html.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | kernel | Will not fix | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2011:1386 | 20.10.2011 |
| Red Hat Enterprise Linux 5.6 EUS - Server Only | kernel | Fixed | RHSA-2012:0358 | 06.03.2012 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2011:1465 | 22.11.2011 |
Показывать по
Дополнительная информация
Статус:
7.1 High
CVSS2
Связанные уязвимости
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
The IPv6 implementation in the Linux kernel before 3.1 does not genera ...
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить доступность защищаемой информации
7.1 High
CVSS2