Lucene search

K

RedhatCVELIST:CVE-2013-4125

HistoryJul 15, 2013 - 8:00 p.m.

CVE-2013-4125

2013-07-1520:00:00

redhat

www.cve.org

1

5.6 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.6%

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=307f2fb95e9b96b3577916e73d92e104f8f26494

lists.fedoraproject.org/pipermail/package-announce/2013-July/112454.html

lists.fedoraproject.org/pipermail/package-announce/2013-July/112619.html

www.openwall.com/lists/oss-security/2013/07/15/4

www.securityfocus.com/bid/61166

www.securitytracker.com/id/1028780

bugzilla.redhat.com/show_bug.cgi?id=984664

exchange.xforce.ibmcloud.com/vulnerabilities/85645

github.com/torvalds/linux/commit/307f2fb95e9b96b3577916e73d92e104f8f26494

5.6 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.6%

Related for CVELIST:CVE-2013-4125

nvd2 ubuntucve1 prion2 nessus6 cve2 debiancve1 fedora39 openvas69 oraclelinux1 ubuntu2 securityvulns1