CVE-2011-2699

HIGH

Description

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=87c48fa3b4630905f98268dde838ee43626a060c

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.openwall.com/lists/oss-security/2011/07/20/5

http://www.securitytracker.com/id?1027274

https://bugzilla.redhat.com/show_bug.cgi?id=723429

https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060c

Details

Source: MITRE

Published: 2012-05-24

Updated: 2020-07-29

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (34 total)

ID	Name	Product	Family	Severity
89038	VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)	Nessus	Misc.	high
83603	SUSE SLES10 Security Update : kernel (SUSE-SU-2013:1832-1)	Nessus	SuSE Local Security Checks	high
75882	openSUSE Security Update : kernel (openSUSE-SU-2012:0236-1)	Nessus	SuSE Local Security Checks	high
75557	openSUSE Security Update : kernel (openSUSE-SU-2012:0206-1)	Nessus	SuSE Local Security Checks	high
69585	Amazon Linux AMI : kernel (ALAS-2011-26)	Nessus	Amazon Linux Local Security Checks	high
68424	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2033)	Nessus	Oracle Linux Local Security Checks	critical
68393	Oracle Linux 6 : kernel (ELSA-2011-1465)	Nessus	Oracle Linux Local Security Checks	critical
68375	Oracle Linux 5 : kernel (ELSA-2011-1386)	Nessus	Oracle Linux Local Security Checks	critical
64030	RHEL 5 : kernel (RHSA-2012:0358)	Nessus	Red Hat Local Security Checks	high
61747	VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries	Nessus	VMware ESX Local Security Checks	high
61179	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
61162	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
59161	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7915)	Nessus	SuSE Local Security Checks	high
57854	SuSE 11.1 Security Update : Linux kernel (SAT Patch Number 5732)	Nessus	SuSE Local Security Checks	high
57853	SuSE 11.1 Security Update : Linux Kernel (SAT Patch Numbers 5723 / 5725)	Nessus	SuSE Local Security Checks	high
57659	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7918)	Nessus	SuSE Local Security Checks	high
57297	SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 5493 / 5510 / 5511)	Nessus	SuSE Local Security Checks	high
56927	RHEL 6 : kernel (RHSA-2011:1465)	Nessus	Red Hat Local Security Checks	critical
56768	Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1256-1)	Nessus	Ubuntu Local Security Checks	critical
56747	Ubuntu 10.04 LTS : linux vulnerabilities (USN-1253-1)	Nessus	Ubuntu Local Security Checks	critical
56644	Ubuntu 10.10 : linux-mvl-dove vulnerabilities (USN-1245-1)	Nessus	Ubuntu Local Security Checks	critical
56639	Ubuntu 10.04 LTS : linux-mvl-dove vulnerabilities (USN-1240-1)	Nessus	Ubuntu Local Security Checks	critical
56638	Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1239-1)	Nessus	Ubuntu Local Security Checks	critical
56577	RHEL 5 : kernel (RHSA-2011:1386)	Nessus	Red Hat Local Security Checks	critical
56569	CentOS 5 : kernel (CESA-2011:1386)	Nessus	CentOS Local Security Checks	critical
56466	Ubuntu 10.10 : linux vulnerabilities (USN-1227-1)	Nessus	Ubuntu Local Security Checks	critical
56388	Ubuntu 8.04 LTS : linux vulnerabilities (USN-1225-1)	Nessus	Ubuntu Local Security Checks	critical
56344	Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1219-1)	Nessus	Ubuntu Local Security Checks	critical
56257	USN-1212-1 : linux-ti-omap4 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
56256	Ubuntu 11.04 : linux vulnerabilities (USN-1211-1)	Nessus	Ubuntu Local Security Checks	high
56192	USN-1204-1 : linux-fsl-imx51 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
56190	USN-1202-1 : linux-ti-omap4 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
55955	Fedora 14 : kernel-2.6.35.14-95.fc14 (2011-11103)	Nessus	Fedora Local Security Checks	high
801510	CentOS RHSA-2011-1386 Security Check	Log Correlation Engine	Generic	high