QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2699

Published: May 24, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060c

x_refsource_CONFIRM

[oss-security] 20110720 Re: CVE request: kernel: ipv6: make fragment identifications less predictable

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=87c48fa3b4630905f98268dde838ee43626a060c

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=723429

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.