Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2013-2128 CVE-2011-1573 |
CWE-ID | CWE-400 CWE-682 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU42797
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-2128
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.
The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 2.6.0 - 2.6.33.20
External linkshttp://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=baff42ab1494528907bf4d5870359e31711746ae
http://rhn.redhat.com/errata/RHSA-2013-1051.html
http://www.openwall.com/lists/oss-security/2013/05/29/11
http://bugzilla.redhat.com/show_bug.cgi?id=968484
http://github.com/torvalds/linux/commit/baff42ab1494528907bf4d5870359e31711746ae
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU44345
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-1573
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 2.6.0 - 2.6.33.20
External linkshttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8170c35e738d62e9919ce5b109cf4ed66e95bde
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://openwall.com/lists/oss-security/2011/04/11/12
http://openwall.com/lists/oss-security/2011/04/11/4
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://bugzilla.redhat.com/show_bug.cgi?id=695383
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.