Source: ubuntucve (Ubuntu.com), UB:CVE-2011-2393
Published: Feb 02, 2012 - 12:00 a.m.

CVE-2011-2393


EPSS: 0.002 (Low)
Percentile: 59.0%

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in
FreeBSD, NetBSD, and possibly other BSD-based operating systems allows
remote attackers to cause a denial of service (CPU consumption and device
hang) by sending many Router Advertisement (RA) messages with different
source addresses, a similar vulnerability to CVE-2010-4670.
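
A detection sketch for the traffic pattern described above, added here as an example and not taken from the advisory or from any BSD or Linux code: it counts distinct Router Advertisement source addresses per sliding window and flags sources that are not link-local, which RFC 4861 requires of an RA. The record format, window and threshold are assumptions.

```python
from collections import deque
from ipaddress import IPv6Address

# Assumed tuning values, not taken from the advisory.
WINDOW_SECONDS = 10.0
MAX_DISTINCT_SOURCES = 16


class RAFloodDetector:
    """Tracks Router Advertisement sources seen on one link."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_DISTINCT_SOURCES):
        self.window = window
        self.limit = limit
        self.events = deque()   # (timestamp, source) in arrival order
        self.counts = {}        # source -> RAs currently inside the window

    def observe(self, ts, src):
        """Record one RA; return a list of alert strings (empty if none)."""
        alerts = []
        addr = IPv6Address(src)
        # RFC 4861 requires the RA source to be a link-local address.
        if not addr.is_link_local:
            alerts.append(f"non-link-local RA source {addr}")
        self.events.append((ts, addr))
        self.counts[addr] = self.counts.get(addr, 0) + 1
        # Expire observations that fell out of the sliding window.
        while self.events and ts - self.events[0][0] > self.window:
            _, old = self.events.popleft()
            self.counts[old] -= 1
            if self.counts[old] == 0:
                del self.counts[old]
        if len(self.counts) > self.limit:
            alerts.append(f"{len(self.counts)} distinct RA sources in {self.window}s")
        return alerts


def scan(records, **kwargs):
    """Run the detector over (timestamp, source) records; return all alerts."""
    det = RAFloodDetector(**kwargs)
    return [(ts, a) for ts, src in records for a in det.observe(ts, src)]


# Constructed sample input: one steady router, then a burst of many sources.
NORMAL = [(float(t), "fe80::1") for t in range(0, 60, 20)]
BURST = [(60.0 + i * 0.01, f"fe80::bad:{i:x}") for i in range(40)]

if __name__ == "__main__":
    for ts, alert in scan(NORMAL + BURST):
        print(f"{ts:.2f} {alert}")
```

The per-window state grows with the RA rate, so a production sensor would also cap the number of tracked sources.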

Notes

Author | Note
tyhicks | “Old Linux kernels are also affected, detailed version information unknown.”
apw | “Linux: fixed prior 2010” algorithm appears unchanged all the way back to hardy, with the holding of a single address from RA at any one time, very likely we are unaffected but this needs testing
jdstrand | linux-lts-saucy no longer receives official support; linux-lts-quantal no longer receives official support
apw | we have always had an upper limit of addresses for each interface via RA so we cannot crash at least, we only accept these from link-local so we can only be DOSd by someone on the local link, who can kill us by killing the same link. For this CVE we seemed to be fixed by the first git commit so use that as ‘fix’.
