CVSS2: 5.4 Medium
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

EPSS: 0.039 Low
Percentile: 91.8%

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in
the Linux kernel through 3.10.1 does not properly handle Router
Advertisement (RA) messages in certain circumstances involving three routes
that initially qualified for membership in an ECMP route set until a change
occurred for one of the first two routes, which allows remote attackers to
cause a denial of service (system crash) via a crafted sequence of
messages.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=307f2fb95e9b96b3577916e73d92e104f8f26494
www.openwall.com/lists/oss-security/2013/07/15/4
bugzilla.redhat.com/show_bug.cgi?id=984664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4125
github.com/torvalds/linux/commit/307f2fb95e9b96b3577916e73d92e104f8f26494
launchpad.net/bugs/cve/CVE-2013-4125
nvd.nist.gov/vuln/detail/CVE-2013-4125
security-tracker.debian.org/tracker/CVE-2013-4125
ubuntu.com/security/notices/USN-1935-1
ubuntu.com/security/notices/USN-1936-1