CVE-2012-2744
kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.
net/ipv6/netfilter/nf_conntrack_reasm.c en el kernel de Linux anterior a v2.6.34, cuando el módulo nf_conntrack_ipv6 está habilitado, permite a atacantes remotos causar una denegación de servicio (referencia de puntero a NULL y caída del sistema) mediante ciertos tipos de paquetes IPv6 fragmentados.
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-07-10 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 | X_refsource_confirm | |
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9e2dcf72023d1447f09c47d77c99b0c49659e5ce | X_refsource_confirm | |
| http://secunia.com/advisories/49928 | Third Party Advisory | |
| http://www.securityfocus.com/bid/54367 | Vdb Entry | |
| http://www.securitytracker.com/id?1027235 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/9e2dcf72023d1447f09c47d77c99b0c49659e5ce | 2023-02-13 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1064.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2012-1148.html | 2023-02-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=833402 | 2012-08-07 | |
| https://access.redhat.com/security/cve/CVE-2012-2744 | 2012-08-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.33.20 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.33.20" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.1 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.1" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.2 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.2" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.3 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.3" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.4 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.5 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.5" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.6 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.6" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.7 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.7" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.8 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.8" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.9 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.9" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.10 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.10" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.11 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.11" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.12 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.12" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.13 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.13" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.14 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.14" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.15 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.15" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.16 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.17 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.17" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.18 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.18" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.19 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.19" | - |
Affected
| ||||||