[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-4129Date: (C)2013-07-31   (M)2023-12-22


The bridge multicast implementation in the Linux kernel through 3.10.3 does not check whether a certain timer is armed before modifying the timeout value of that timer, which allows local users to cause a denial of service (BUG and system crash) via vectors involving the shutdown of a KVM virtual machine, related to net/bridge/br_mdb.c and net/bridge/br_multicast.c.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.7
Exploit Score: 3.4
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-61193
http://www.openwall.com/lists/oss-security/2013/07/16/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c7e8e8a8f7a70b343ca1e0f90a31e35ab2d16de1
https://bugzilla.redhat.com/show_bug.cgi?id=984743
https://github.com/torvalds/linux/commit/c7e8e8a8f7a70b343ca1e0f90a31e35ab2d16de1
linux-kernel-cve20134129-dos(85763)

CWE    1
CWE-20

© SecPod Technologies