5 matches found
kernel: information leak in the IPv4 implementation
An information leak flaw was found in the Linux kernel’s IPv4 implementation in the iprtinit in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...
kernel: information leak in the IPv6 implementation
An information leak flaw was found in the Linux kernel’s IPv6 implementation in the ipv6selectident in net/ipv6/outputcore.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
Kernel: net: weak IP ID generation leads to remote device tracking
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe a weak IP ID generation in this field to track Linux devices...
security flaw
The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...