CVE-2013-2128

Published: Jun 7, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/baff42ab1494528907bf4d5870359e31711746ae

x_refsource_CONFIRM

[oss-security] 20130529 Re: CVE request: Linux kernel: net: oops from tcp_collapse() when using splice(2)

mailing-list

x_refsource_MLIST

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34

x_refsource_CONFIRM

RHSA-2013:1051

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=baff42ab1494528907bf4d5870359e31711746ae

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=968484

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-2128

Description

Affected Products

References