[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-4326Date: (C)2012-05-17   (M)2023-12-22


The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.1
Exploit Score: 8.6
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-50751
http://www.openwall.com/lists/oss-security/2011/11/21/10
http://downloads.avaya.com/css/P8/documents/100156038
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a9cf73ea7ff78f52662c8658d93c226effbbedde
https://bugzilla.redhat.com/show_bug.cgi?id=682066
https://bugzilla.redhat.com/show_bug.cgi?id=755584
https://github.com/torvalds/linux/commit/a9cf73ea7ff78f52662c8658d93c226effbbedde

CWE    1
CWE-399
OVAL    14
oval:org.secpod.oval:def:1601245
oval:org.secpod.oval:def:700698
oval:org.secpod.oval:def:700690
oval:org.secpod.oval:def:700681
...

© SecPod Technologies