CVE-2011-2699 — Kernel vulnerability

17 documents6 sources

Severity

7.5HIGHNVD

EPSS

1.4%

top 19.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Redhat Enterprise Linux Redhat Enterprise MRG

Timeline

PublishedMay 24

Latest updateMay 13

Description

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDlinux/linux_kernel< 3.1

▶NVDredhat/enterprise_mrg2.0

Also affects: Enterprise Linux 4.0

Patches

Patch: www.kernel.org ↗Patch: bugzilla.redhat.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-69g3-qvqf-82hh: The IPv6 implementation in the Linux kernel before 3↗2022-05-13

▶

CVEList

CVE-2011-2699: The IPv6 implementation in the Linux kernel before 3↗2012-05-24

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Natty backport) vulnerabilities↗2011-11-09

▶

Ubuntu

Linux kernel vulnerabilities↗2011-11-08

▶

Ubuntu

Linux kernel (EC2) vulnerabilities↗2011-10-25

▶

Ubuntu

Linux kernel (Marvell DOVE) vulnerabilities↗2011-10-25

▶

Ubuntu

Linux kernel vulnerabilities↗2011-10-11

▶

💬Community

Bugzilla

CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable [fedora-all]↗2011-10-25

▶

Bugzilla

CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable↗2011-07-20

▶