CVE-2012-2744

Опубликовано: 10 июл. 2012

Источник: redhat

CVSS2: 7.8

Описание

net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.

Отчет

This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 as they did not include support for netfilter's ipv6 connection tracking module. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux MRG as they already contain the upstream commit that fixes this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2012:1064	10.07.2012
Red Hat Enterprise Linux 6.0 EUS - Server Only	kernel	Fixed	RHSA-2012:1114	24.07.2012
Red Hat Enterprise Linux 6.1 EUS - Server Only	kernel	Fixed	RHSA-2012:1148	07.08.2012
Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only	kernel	Fixed	RHSA-2012:1129	31.07.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-228->CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=833402kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()

7.8 High

CVSS2

Связанные уязвимости

CVE-2012-2744

ubuntu

больше 13 лет назад

CVE-2012-2744

nvd

больше 13 лет назад

CVE-2012-2744

debian

больше 13 лет назад

net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6 ...

GHSA-rf7q-2943-h3jp

github

больше 3 лет назад

ELSA-2012-1064

oracle-oval

больше 13 лет назад

ELSA-2012-1064: kernel security and bug fix update (IMPORTANT)

7.8 High

CVSS2