Lucene search

K

[email protected]NVD:CVE-2013-2017

HistoryMay 03, 2013 - 11:57 a.m.

CVE-2013-2017

2013-05-0311:57:45

CWE-399

[email protected]

web.nvd.nist.gov

4

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

7.2

Confidence

High

EPSS

0.021

Percentile

89.1%

The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.6.33.20

OR

linuxlinux_kernelMatch2.6.33

OR

linuxlinux_kernelMatch2.6.33rc1

OR

linuxlinux_kernelMatch2.6.33rc2

OR

linuxlinux_kernelMatch2.6.33rc3

OR

linuxlinux_kernelMatch2.6.33rc4

OR

linuxlinux_kernelMatch2.6.33rc5

OR

linuxlinux_kernelMatch2.6.33rc6

OR

linuxlinux_kernelMatch2.6.33rc7

OR

linuxlinux_kernelMatch2.6.33rc8

OR

linuxlinux_kernelMatch2.6.33.1

OR

linuxlinux_kernelMatch2.6.33.2

OR

linuxlinux_kernelMatch2.6.33.3

OR

linuxlinux_kernelMatch2.6.33.4

OR

linuxlinux_kernelMatch2.6.33.5

OR

linuxlinux_kernelMatch2.6.33.6

OR

linuxlinux_kernelMatch2.6.33.7

OR

linuxlinux_kernelMatch2.6.33.8

OR

linuxlinux_kernelMatch2.6.33.9

OR

linuxlinux_kernelMatch2.6.33.10

OR

linuxlinux_kernelMatch2.6.33.11

OR

linuxlinux_kernelMatch2.6.33.12

OR

linuxlinux_kernelMatch2.6.33.13

OR

linuxlinux_kernelMatch2.6.33.14

OR

linuxlinux_kernelMatch2.6.33.15

OR

linuxlinux_kernelMatch2.6.33.16

OR

linuxlinux_kernelMatch2.6.33.17

OR

linuxlinux_kernelMatch2.6.33.18

OR

linuxlinux_kernelMatch2.6.33.19

References

ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6ec82562ffc6f297d0de36d65776cff8e5704867

www.openwall.com/lists/oss-security/2013/04/29/10

bugzilla.redhat.com/show_bug.cgi?id=957705

github.com/torvalds/linux/commit/6ec82562ffc6f297d0de36d65776cff8e5704867

support.f5.com/csp/article/K39655464

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

7.2

Confidence

High

EPSS

0.021

Percentile

89.1%

Related for NVD:CVE-2013-2017

ubuntucve1 cve1 f51 cvelist1 debiancve1 prion1 altlinux1 openvas5 nessus5 centos1 redhat2 oraclelinux1