Lucene search
RedhatCVE-2011-1927HistoryJun 13, 2012 - 10:24 a.m.
CVE-2011-1927
2012-06-1310:24:54
redhat
web.nvd.nist.gov
57
2
cve-2011-1927
linux kernel
denial of service
ip_expire
icmp_time_exceeded
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
5.6
Confidence
High
EPSS
0.007
Percentile
81.1%
The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.
Affected configurations
Node
linuxlinux_kernelRange≤2.6.38.8
ORlinuxlinux_kernelMatch2.6.38
ORlinuxlinux_kernelMatch2.6.38rc1
ORlinuxlinux_kernelMatch2.6.38rc2
ORlinuxlinux_kernelMatch2.6.38rc3
ORlinuxlinux_kernelMatch2.6.38rc4
ORlinuxlinux_kernelMatch2.6.38rc5
ORlinuxlinux_kernelMatch2.6.38rc6
ORlinuxlinux_kernelMatch2.6.38rc7
ORlinuxlinux_kernelMatch2.6.38rc8
ORlinuxlinux_kernelMatch2.6.38.1
ORlinuxlinux_kernelMatch2.6.38.2
ORlinuxlinux_kernelMatch2.6.38.3
ORlinuxlinux_kernelMatch2.6.38.4
ORlinuxlinux_kernelMatch2.6.38.5
ORlinuxlinux_kernelMatch2.6.38.6
ORlinuxlinux_kernelMatch2.6.38.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | 2.6.38.5 | cpe:/o:linux:linux_kernel:2.6.38.5::: |
| linux | linux_kernel | 2.6.38 | cpe:/o:linux:linux_kernel:2.6.38:rc5:: |
| linux | linux_kernel | 2.6.38 | cpe:/o:linux:linux_kernel:2.6.38:rc8:: |
| linux | linux_kernel | 2.6.38 | cpe:/o:linux:linux_kernel:2.6.38:rc3:: |
| linux | linux_kernel | 2.6.38.2 | cpe:/o:linux:linux_kernel:2.6.38.2::: |
| linux | linux_kernel | 2.6.38.6 | cpe:/o:linux:linux_kernel:2.6.38.6::: |
| linux | linux_kernel | 2.6.38 | cpe:/o:linux:linux_kernel:2.6.38::: |
| linux | linux_kernel | 2.6.38.7 | cpe:/o:linux:linux_kernel:2.6.38.7::: |
| linux | linux_kernel | 2.6.38 | cpe:/o:linux:linux_kernel:2.6.38:rc7:: |
| linux | linux_kernel | 2.6.38.4 | cpe:/o:linux:linux_kernel:2.6.38.4::: |
References
Social References
More
Related
prion
prion
Null pointer dereference
2012-06-13 10:24:00
nvd
nvd
CVE-2011-1927
2012-06-13 10:24:54
seebug
seebug
Linux Kernel "ip_expire()"拒绝服务漏洞
2011-05-20 00:00:00
redhatcve
redhatcve
CVE-2011-1927
2015-10-30 10:26:33
cvelist
cvelist
CVE-2011-1927
2012-06-13 10:00:00
ubuntucve
ubuntucve
CVE-2011-1927
2011-05-18 00:00:00
nessus
nessus
Ubuntu 10.10 : linux vulnerabilities (USN-1379-1)
2012-02-29 00:00:00
USN-1383-1 : linux-ti-omap4 vulnerabilities
2012-03-07 00:00:00
Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1387-1)
2012-03-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1379-1)
2012-03-07 00:00:00
Ubuntu Update for linux USN-1379-1
2012-03-07 00:00:00
Ubuntu Update for linux-ti-omap4 USN-1383-1
2012-03-07 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2012-02-28 00:00:00
Linux kernel (OMAP4) vulnerabilities
2012-03-06 00:00:00
Linux kernel (Maverick backport) vulnerabilities
2012-03-06 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
5.6
Confidence
High
EPSS
0.007
Percentile
81.1%
Related for CVE-2011-1927