SOL16011 - Linux kernel vulnerability CVE-2012-6657

2015-01-2100:00:00

support.f5.com

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0005 Low

EPSS

Percentile

13.3%

JSON

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. (CVE-2012-6657)

CPENameOperatorVersion
big-ip apmle11.6.0
big-ip edge gatewayle11.3.0
big-ip ltmle11.6.0
big-ip link controllerle11.6.0
big-ip webacceleratorle11.3.0
big-iq securityle4.4.0
big-ip womle11.3.0
big-ip psmle11.4.1
big-ip analyticsle11.6.0
enterprise managerle3.1.1

Name	Operator	Version
big-ip apm	le	11.6.0
big-ip edge gateway	le	11.3.0
big-ip ltm	le	11.6.0
big-ip link controller	le	11.6.0
big-ip webaccelerator	le	11.3.0
big-iq security	le	4.4.0
big-ip wom	le	11.3.0
big-ip psm	le	11.4.1
big-ip analytics	le	11.6.0
enterprise manager	le	3.1.1