CVE-2012-6638

Kernel: net: tcp: potential DoS via SYN+FIN messages

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.

La función tcp_rcv_state_process en net/ipv4/tcp_input.c en el kernel de Linux anterior a 3.2.24 permite a atacantes remotos causar una denegación de servicio (consumo de recursos del kernel) a través de una inundación de paquetes TCP SYN+FIN, una vulnerabilidad diferente a CVE-2012-2663.

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-02-15 CVE Reserved
2014-02-15 CVE Published
2024-09-16 CVE Updated
2025-06-23 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (6)

URL	Tag	Source
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fdf5af0daf8019cec2396cdef8fb042d80fe71fa	X_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=826702	Issue Tracking

URL	Date	SRC

URL	Date	SRC
https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa	2023-11-07

URL	Date	SRC
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24	2023-11-07
https://access.redhat.com/security/cve/CVE-2012-6638	2014-06-19
https://bugzilla.redhat.com/show_bug.cgi?id=1066055	2014-06-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 3.0.38 Search vendor "Linux" for product "Linux Kernel" and version " < 3.0.38"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.1 < 3.2.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.1 < 3.2.24"		-		Affected