CVSS2: 5.4 Medium (AV:N/AC:H/Au:N/C:N/I:N/A:C)
Attack Vector: NETWORK
Attack Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
EPSS: 0.046 Low
Percentile: 92.6%

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in
the Linux kernel through 3.10.1 does not properly handle Router
Advertisement (RA) messages in certain circumstances involving three routes
that initially qualified for membership in an ECMP route set until a change
occurred for one of the first two routes, which allows remote attackers to
cause a denial of service (system crash) via a crafted sequence of
messages.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=307f2fb95e9b96b3577916e73d92e104f8f26494
www.openwall.com/lists/oss-security/2013/07/15/4
bugzilla.redhat.com/show_bug.cgi?id=984664
github.com/torvalds/linux/commit/307f2fb95e9b96b3577916e73d92e104f8f26494
launchpad.net/bugs/cve/CVE-2013-4125
nvd.nist.gov/vuln/detail/CVE-2013-4125
security-tracker.debian.org/tracker/CVE-2013-4125
ubuntu.com/security/notices/USN-1935-1
ubuntu.com/security/notices/USN-1936-1
www.cve.org/CVERecord?id=CVE-2013-4125