Published: 22/01/2013 Updated: 13/02/2023

CVSS v2 Base Score: 4.4 | Impact Score: 6.9 | Exploitability Score: 2.7

VMScore: 392

Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C

The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and previous versions allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.7.1
linux linux kernel 3.7.3
linux linux kernel 3.7
linux linux kernel
linux linux kernel 3.7.2

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, two bugs, andadd two enhancements are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated thi ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures A local, unprivileged user could use this flaw to cause a denial of service A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client The rds ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

NVD-CWE-noinfo http://rhn.redhat.com/errata/RHSA-2012-0743.html http://ubuntu.com/usn/usn-1529-1 https://bugzilla.redhat.com/show_bug.cgi?id=822754 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html http://rhn.redhat.com/errata/RHSA-2012-1540.html http://www.securityfocus.com/bid/54062 http://www.ubuntu.com/usn/USN-1556-1 http://www.ubuntu.com/usn/USN-1555-1 http://marc.info/?l=bugtraq&m=139447903326211&w=2 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=c7b6a0a1d8d636852be130fa15fa8be10d4704e8 https://access.redhat.com/errata/RHSA-2012:1540 https://nvd.nist.gov https://usn.ubuntu.com/1538-1/https://alas.aws.amazon.com/ALAS-2012-100.html

CVE-2012-2372

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect