CVE-2012-3552Race Condition in Kernel

CWE-362Race Condition12 documents7 sources
Severity
6.9MEDIUMNVD
NVD5.9OSV5.9
EPSS
2.0%
top 16.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxRedhat Enterprise Linux+1 more
Timeline
PublishedOct 3
Latest updateNov 21

Description

Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

Debianlinux/linux_kernel< 3.0-1+3
debiandebian/linux< linux 3.0-1 (bookworm)+1

Also affects: Enterprise Linux 6.0, 6.2

Patches

Patch: www.openwall.comPatch: bugzilla.redhat.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-phqq-mhr3-p67h: A certain Red Hat patch for the Linux kernel 22022-05-14
GHSA
GHSA-745g-xcgm-mj62: Race condition in the IP implementation in the Linux kernel before 32022-05-13
OSV
CVE-2012-3552: Race condition in the IP implementation in the Linux kernel before 32012-10-03

📋Vendor Advisories

4
Red Hat
kernel: net: IP_REPOPTS invalid free2013-06-30
Debian
CVE-2013-2224: linux - A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux ...2013
Debian
CVE-2012-3552: linux - Race condition in the IP implementation in the Linux kernel before 3.0 might all...2012
Red Hat
kernel: net: slab corruption due to improper synchronization around inet->opt2011-04-21

📄Research Papers

1
arXiv
Characteristics, Root Causes, and Detection of Incomplete Security Bug Fixes in the Linux Kernel2025-11-21

💬Community

2
Bugzilla
CVE-2013-2224 kernel: net: IP_REPOPTS invalid free2013-07-01
Bugzilla
CVE-2012-3552 kernel: net: slab corruption due to improper synchronization around inet->opt2012-08-31