CVE-2012-4444

Published: Dec 21, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36

x_refsource_CONFIRM

SUSE-SU-2013:0856

vendor-advisory

x_refsource_SUSE

RHSA-2012:1580

vendor-advisory

x_refsource_REDHAT

[oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=874835

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593

x_refsource_CONFIRM

https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf

x_refsource_MISC

USN-1661-1

vendor-advisory

x_refsource_UBUNTU

USN-1660-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-4444

Description

Affected Products

References