Lucene search

K

Ubuntu.comUB:CVE-2013-2017

HistoryMay 03, 2013 - 12:00 a.m.

CVE-2013-2017

2013-05-0300:00:00

ubuntu.com

ubuntu.com

11

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.021

Percentile

89.1%

The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34
does not properly manage skbs during congestion, which allows remote
attackers to cause a denial of service (system crash) by leveraging lack of
skb consumption in conjunction with a double-free error.

Bugs

<https://launchpad.net/bugs/1174865>

References

marc.info/?l=linux-netdev&m=127310770900442&w=3

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867

launchpad.net/bugs/cve/CVE-2013-2017

nvd.nist.gov/vuln/detail/CVE-2013-2017

security-tracker.debian.org/tracker/CVE-2013-2017

www.cve.org/CVERecord?id=CVE-2013-2017

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.021

Percentile

89.1%

Related for UB:CVE-2013-2017

cve1 f51 cvelist1 debiancve1 nvd1 prion1 altlinux1 openvas5 nessus5 centos1 redhat2 oraclelinux1