CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
16.0%
The sock_setsockopt function in net/core/sock.c in the Linux kernel before
3.5.7 does not ensure that a keepalive action is associated with a stream
socket, which allows local users to cause a denial of service (system
crash) by leveraging the ability to create a raw socket.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e10986d1d698140747fcfc2761ec9cb64c1d582
launchpad.net/bugs/cve/CVE-2012-6657
nvd.nist.gov/vuln/detail/CVE-2012-6657
security-tracker.debian.org/tracker/CVE-2012-6657
ubuntu.com/security/notices/USN-1644-1
ubuntu.com/security/notices/USN-1645-1
ubuntu.com/security/notices/USN-1899-1
ubuntu.com/security/notices/USN-1900-1
www.cve.org/CVERecord?id=CVE-2012-6657