Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0207Divide By Zero in Kernel

CWE-369Divide By Zero14 documents7 sources
Severity
7.5HIGHNVD
EPSS
11.7%
top 6.28%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Linux KernelRedhat Enterprise Linux EUS
Timeline
PublishedMay 17
Latest updateMay 4

Description

The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDlinux/linux_kernel3.13.1.9+2
Ubuntulinux/linux_kernel< 3.11.0-12.19+1

Also affects: Enterprise Linux 5.6

Patches

Patch: www.kernel.orgPatch: bugzilla.redhat.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-6q5h-q7w3-mf7c: The igmp_heard_query function in net/ipv4/igmp2022-05-04
OSV
CVE-2012-0207: The igmp_heard_query function in net/ipv4/igmp2012-01-13

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.6.36 IGMP - Remote Denial of Service2012-01-17

📋Vendor Advisories

7
Ubuntu
Linux kernel (Oneiric backport) vulnerabilities2012-03-06
Ubuntu
Linux kernel (Natty backport) vulnerabilities2012-03-06
Ubuntu
Linux kernel vulnerabilities2012-02-29
Ubuntu
Linux kernel vulnerabilities2012-02-13
Ubuntu
Linux kernel (OMAP4) vulnerabilities2012-02-13

💬Community

2
Bugzilla
CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries [fedora-all]2012-01-18
Bugzilla
CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries2012-01-10