Vulnerability Details : CVE-2012-2744
net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.
Vulnerability category: Memory Corruption, Denial of service
Products affected by CVE-2012-2744
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.17:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.16:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.15:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.14:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.9:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.8:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.19:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.13:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.10:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.18:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.12:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.33.11:*:*:*:*:*:*:*
Threat overview for CVE-2012-2744
- Top open port discovered on systems with this issue: 49152
- IPs affected by CVE-2012-2744: 1,403
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2012-2744
- EPSS score: 0.62% (probability of exploitation activity in the next 30 days)
- Percentile: ~68% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2012-2744
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C | 10.0 | 6.9 | NIST | |
References for CVE-2012-2744
- http://www.securityfocus.com/bid/54367
  Linux Kernel IPv6 'nf_ct_frag6_reasm()' Remote Denial of Service Vulnerability
- https://github.com/torvalds/linux/commit/9e2dcf72023d1447f09c47d77c99b0c49659e5ce
  netfilter: nf_conntrack_reasm: properly handle packets fragmented int… · torvalds/linux@9e2dcf7 · GitHub (Patch)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9e2dcf72023d1447f09c47d77c99b0c49659e5ce
- https://bugzilla.redhat.com/show_bug.cgi?id=833402
  833402 – (CVE-2012-2744) CVE-2012-2744 kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()
- http://rhn.redhat.com/errata/RHSA-2012-1064.html
  RHSA-2012:1064 - Security Advisory - Red Hat Customer Portal
- http://rhn.redhat.com/errata/RHSA-2012-1148.html
  RHSA-2012:1148 - Security Advisory - Red Hat Customer Portal
- http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
- http://www.securitytracker.com/id?1027235
  Linux Kernel IPv6 Netfilter Connection Tracking Flaw Lets Remote Users Deny Service - SecurityTracker