CVE-2012-4444

2012-12-2111:47:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2012-4444

linux kernel

ip6_frag_queue

ipv6

network restrictions

security vulnerability

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

79.0%

JSON

The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.32.5
linux:linux_kernellinux linux kerneleq2.6.35
linux:linux_kernellinux linux kerneleq2.6.35.10
linux:linux_kernellinux linux kerneleq2.6.33.7
linux:linux_kernellinux linux kerneleq2.6.32.48
linux:linux_kernellinux linux kerneleq2.6.31
linux:linux_kernellinux linux kerneleq2.6.32
linux:linux_kernellinux linux kerneleq2.6.31.9
linux:linux_kernellinux linux kerneleq2.6.36
linux:linux_kernellinux linux kerneleq2.6.32.42

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.32.5
linux:linux_kernel	linux linux kernel	eq	2.6.35
linux:linux_kernel	linux linux kernel	eq	2.6.35.10
linux:linux_kernel	linux linux kernel	eq	2.6.33.7
linux:linux_kernel	linux linux kernel	eq	2.6.32.48
linux:linux_kernel	linux linux kernel	eq	2.6.31
linux:linux_kernel	linux linux kernel	eq	2.6.32
linux:linux_kernel	linux linux kernel	eq	2.6.31.9
linux:linux_kernel	linux linux kernel	eq	2.6.36
linux:linux_kernel	linux linux kernel	eq	2.6.32.42