VulDB: Linux Kernel net/ipv6/netfilter/nf_conntrack_reasm.c nf_ct_frag6_reasm() denial of service
General

scipID: 5655
Affected: Linux Kernel
Published: 07/10/2012
Risk: problematic
Entry: 85.3% complete
Created: 07/19/2012
Updated: 09/03/2012
Summary
A vulnerability classified as problematic was found in the Linux Kernel. It affects the function nf_ct_frag6_reasm() in the file _net/ipv6/netfilter/nf_conntrack_reasm.c_. Manipulation with an unknown input leads to a denial of service, which impacts availability.
The weakness was published on 07/10/2012 with Beyond Security’s SecuriTeam Secure Disclosure as advisory RHSA-2012:1064-2 (Red Hat Security Advisory). The advisory is available for download at rhn.redhat.com. The vulnerability has been uniquely identified as CVE-2012-2744 since 05/14/2012. The attack can be initiated remotely, and no form of authentication is needed for exploitation. Technical details of the vulnerability are known, but no exploit is available.
Patching the affected component is the suggested mitigation. A possible mitigation was published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (83665) and Secunia (SA49778).
CVSS
Base Score: 7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Network | Medium | None | None | None | Complete |
Exploiting
Class: Denial of service
Local: No
Remote: Yes
Availability: No
Countermeasures
Recommended: Patch
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Timeline
05/14/2012 | CVE assigned
07/10/2012 | Advisory disclosed
07/10/2012 | Countermeasure disclosed
07/10/2012 | OSVDB entry created
07/19/2012 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: RHSA-2012:1064-2
Company: Beyond Security’s SecuriTeam Secure Disclosure
OSVDB: 83665
CVE: CVE-2012-2744 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 49778



















