Lucene search

[email protected]CVE-2011-3188

HistoryMay 24, 2012 - 11:55 p.m.

CVE-2011-3188

2012-05-2423:55:02

[email protected]

web.nvd.nist.gov

870

linux kernel

cve-2011-3188

networking

hijack

session

denial of service

md4 algorithm

ipv4

ipv6

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.7 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Affected configurations

NVD

Node

linuxlinux_kernelRange<3.1

Node

redhatenterprise_linuxMatch4.0

Node

f5arxRange6.0.0–6.4.0

f5big-ip_access_policy_managerRange10.1.0–10.2.4

f5big-ip_access_policy_managerRange11.0.0–11.1.0

f5big-ip_analyticsRange11.0.0–11.1.0

f5big-ip_application_security_managerRange10.0.0–10.2.4

f5big-ip_application_security_managerRange11.0.0–11.1.0

f5big-ip_edge_gatewayRange10.1.0–10.2.4

f5big-ip_edge_gatewayRange11.0.0–11.1.0

f5big-ip_global_traffic_managerRange10.0.0–10.2.4

f5big-ip_global_traffic_managerRange11.0.0–11.1.0

f5big-ip_link_controllerRange10.0.0–10.2.4

f5big-ip_link_controllerRange11.0.0–11.1.0

f5big-ip_local_traffic_managerRange10.0.0–10.2.4

f5big-ip_local_traffic_managerRange11.0.0–11.1.0

f5big-ip_protocol_security_moduleRange10.0.0–10.2.4

f5big-ip_protocol_security_moduleRange11.0.0–11.1.0

f5big-ip_wan_optimization_managerRange10.0.0–10.2.4

f5big-ip_wan_optimization_managerRange11.0.0–11.1.0

f5big-ip_webacceleratorRange10.0.0–10.2.4

f5big-ip_webacceleratorRange11.0.0–11.1.0

f5enterprise_managerRange2.1.0–2.3.0

f5enterprise_managerMatch3.0.0

f5firepassRange6.0.0–6.1.0

f5firepassMatch7.0.0

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.1

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.1

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f

marc.info/?l=bugtraq&m=139447903326211&w=2

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1

www.openwall.com/lists/oss-security/2011/08/23/2

bugzilla.redhat.com/show_bug.cgi?id=732658

github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec

github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f

support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

8.7 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2011-3188

ibm5 prion1 nessus35 nvd1 veracode1 f52 cvelist1 ubuntucve1 redhat5 securityvulns4 amazon2 openvas49 ubuntu12 suse3 oraclelinux4 centos1 debian3 osv2 fedora4 vmware2