CVE-2011-3188

17 documents, 6 sources
Severity: 9.1 CRITICAL
EPSS: 4.3% (top 11.09%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: May 24
Latest update: May 13

Description

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Exploitability: 3.9 | Impact: 5.2

Affected Packages (14 packages)

NVD | f5/arx | 6.0.0 | 6.4.0
NVD | f5/firepass | 6.0.0 | 6.1.0 | +1
NVD | f5/big-ip_analytics | 11.0.0 | 11.1.0
NVD | f5/enterprise_manager | 2.1.0 | 2.3.0 | +1

Also affects: Enterprise Linux 4.0

Patches

🔴 Vulnerability Details (2)

GHSA | GHSA-93rr-wh56-p8fw: The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3 | 2022-05-13
CVEList | CVE-2011-3188: The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3 | 2012-05-24

📋 Vendor Advisories (12)

Ubuntu | Linux kernel (Natty backport) vulnerabilities | 2011-11-09
Ubuntu | Linux kernel vulnerabilities | 2011-11-08
Ubuntu | Linux kernel vulnerabilities | 2011-10-25
Ubuntu | Linux kernel (Maverick backport) vulnerabilities | 2011-10-25
Ubuntu | Linux kernel (EC2) vulnerabilities | 2011-10-25

💬 Community (2)

Bugzilla | CVE-2011-3188 kernel: net: improve sequence number generation [fedora-all] | 2011-10-25
Bugzilla | CVE-2011-3188 kernel: net: improve sequence number generation | 2011-08-23