Lucene search

PRIOn knowledge basePRION:CVE-2013-4563

HistoryNov 20, 2013 - 1:19 p.m.

Design/Logic Flaw

2013-11-2013:19:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via a large IPv6 UDP packet, as demonstrated by use of the Token Bucket Filter (TBF) queueing discipline.

CPENameOperatorVersion
ubuntu_linuxeq13.10
ubuntu_linuxeq12.04
linux_kernelge3.9.8
linux_kernelle3.10.23
linux_kernelge3.11
linux_kernellt3.12.4

Name	Operator	Version
ubuntu_linux	eq	13.10
ubuntu_linux	eq	12.04
linux_kernel	ge	3.9.8
linux_kernel	le	3.10.23
linux_kernel	ge	3.11
linux_kernel	lt	3.12.4

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0e033e04c2678dbbe74a46b23fffb7bb918c288e

lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html

www.openwall.com/lists/oss-security/2013/11/13/9

www.ubuntu.com/usn/USN-2113-1

www.ubuntu.com/usn/USN-2117-1

bugzilla.redhat.com/show_bug.cgi?id=1030015

github.com/torvalds/linux/commit/0e033e04c2678dbbe74a46b23fffb7bb918c288e