6 matches found
K15304: Linux kernel tcp_rcv_state_process vulnerability CVE-2012-6638
Security Advisory Description The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets. CVE-2012-6638 Impact Remote attackers may be able to cause a...
Use-after-free
The kernel is vulnerable to use-after-free. Due to a flaw found in the tcprcvstateprocess function in the Linux kernel TCP/IP protocol suite implementation, if a system using IPv6 had the IPV6RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system,...
Linux Kernel 'tcp_rcv_state_process()'函数拒绝服务漏洞
BUGTRAQ ID: 65654 CVECAN ID: CVE-2012-6638 Linux Kernel是Linux操作系统的内核。 Linux kernel 3.2.24之前版本net/ipv4/tcpinput.c内的tcprcvstateprocess函数在处理大量的SYN+FIN TCP数据包时,存在越界访问错误,远程攻击者可利用此漏洞造成拒绝服务。 0 Linux kernel 3.2.24 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...
Code injection
The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: kernel security and enhancement update
Updated kernel packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...