Lucene search

K

Veracode Vulnerability DatabaseVERACODE:18245

HistoryMay 02, 2019 - 6:36 a.m.

Denial Of Service (DOS)

2019-05-0206:36:13

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

15

EPSS

0.012

Percentile

85.1%

Linux kernel is vulnerable to denial of service (DOS) attacks. The vulnerability exists in the ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel. Malicious IP options present would cause the ipv4_pktinfo_prepare() function to drop/free the dst. Attackers could cause a denial of service (system crash) condition via a crafted system call or IPv4 traffic with invalid IP options.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b2cef20f19c87999fff3da4071e66937db9644

www.debian.org/security/2017/dsa-3791

www.openwall.com/lists/oss-security/2017/02/12/3

www.securityfocus.com/bid/96233

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

access.redhat.com/errata/RHSA-2017:1842

access.redhat.com/errata/RHSA-2017:2077

access.redhat.com/errata/RHSA-2017:2669

access.redhat.com/security/cve/CVE-2016-10741

access.redhat.com/security/cve/CVE-2017-2584

access.redhat.com/security/cve/CVE-2017-5551

access.redhat.com/security/cve/CVE-2017-7495

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1377840

bugzilla.redhat.com/show_bug.cgi?id=1378172

bugzilla.redhat.com/show_bug.cgi?id=1389215

bugzilla.redhat.com/show_bug.cgi?id=1400188

bugzilla.redhat.com/show_bug.cgi?id=1414052

bugzilla.redhat.com/show_bug.cgi?id=1421638

bugzilla.redhat.com/show_bug.cgi?id=1421801

bugzilla.redhat.com/show_bug.cgi?id=1421810

bugzilla.redhat.com/show_bug.cgi?id=1425780

bugzilla.redhat.com/show_bug.cgi?id=1426661

bugzilla.redhat.com/show_bug.cgi?id=1427626

bugzilla.redhat.com/show_bug.cgi?id=1427647

bugzilla.redhat.com/show_bug.cgi?id=1427991

bugzilla.redhat.com/show_bug.cgi?id=1428890

bugzilla.redhat.com/show_bug.cgi?id=1428943

bugzilla.redhat.com/show_bug.cgi?id=1429610

bugzilla.redhat.com/show_bug.cgi?id=1429640

bugzilla.redhat.com/show_bug.cgi?id=1429951

bugzilla.redhat.com/show_bug.cgi?id=1429977

bugzilla.redhat.com/show_bug.cgi?id=1430023

bugzilla.redhat.com/show_bug.cgi?id=1430038

bugzilla.redhat.com/show_bug.cgi?id=1430074

bugzilla.redhat.com/show_bug.cgi?id=1430353

bugzilla.redhat.com/show_bug.cgi?id=1430926

bugzilla.redhat.com/show_bug.cgi?id=1430946

bugzilla.redhat.com/show_bug.cgi?id=1431104

bugzilla.redhat.com/show_bug.cgi?id=1432118

bugzilla.redhat.com/show_bug.cgi?id=1434616

bugzilla.redhat.com/show_bug.cgi?id=1438512

bugzilla.redhat.com/show_bug.cgi?id=1441552

bugzilla.redhat.com/show_bug.cgi?id=1452240

bugzilla.redhat.com/show_bug.cgi?id=1459056

github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644

patchwork.ozlabs.org/patch/724136/

source.android.com/security/bulletin/2017-07-01

EPSS

0.012

Percentile

85.1%

Related for VERACODE:18245

suse32 virtuozzo1 nessus38 ubuntucve1 prion1 debiancve1 redhatcve1 nvd1 cvelist1 openvas32 cve1 ibm3 f51 fedora2 amazon1 symantec1 ubuntu5 cloudfoundry1 debian3 osv2 mageia3 oraclelinux4 redhat3 centos1 androidsecurity1