CVE-2012-6657
published 2014-09-28CVE-2012-6657: The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket…
medium4.9CVSS 3.1
AVLACLAuNCNINAC
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.6.4-1 (bookworm) | linux 3.6.4-1 (bookworm) |
| linux | linux_kernel | <= 3.5.6 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 3.6.4-1 | 3.6.4-1 |
| linux | linux_kernel | >= 0 < 3.6.4-1 | 3.6.4-1 |
| linux | linux_kernel | >= 0 < 3.6.4-1 | 3.6.4-1 |
| linux | linux_kernel | >= 0 < 3.6.4-1 | 3.6.4-1 |
| novell | suse_linux_enterprise_server | — | — |
| novell | suse_linux_enterprise_server | — | — |
CVSS provenance
nvd4.9MEDIUMAV:L/AC:L/Au:N/C:N/I:N/A:C
osv4.9MEDIUM