CVE-2012-6657
Kernel: net: guard tcp_set_keepalive against crash
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.
La función sock_setsockopt en net/core/sock.c en el kernel de Linux anterior a 3.5.7 no asegura que una acción keepalive está asociada con un socket de flujo, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante el aprovechamiento de la habilidad de crear un socket en bruto.
It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-09-15 CVE Reserved
- 2014-09-28 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e10986d1d698140747fcfc2761ec9cb64c1d582 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2014/09/15/8 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/3e10986d1d698140747fcfc2761ec9cb64c1d582 | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 3.5.6 Search vendor "Linux" for product "Linux Kernel" and version " <= 3.5.6" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.1 Search vendor "Linux" for product "Linux Kernel" and version "3.5.1" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.2 Search vendor "Linux" for product "Linux Kernel" and version "3.5.2" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.3 Search vendor "Linux" for product "Linux Kernel" and version "3.5.3" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.4 Search vendor "Linux" for product "Linux Kernel" and version "3.5.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.5 Search vendor "Linux" for product "Linux Kernel" and version "3.5.5" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Suse Linux Enterprise Server Search vendor "Novell" for product "Suse Linux Enterprise Server" | 10.0 Search vendor "Novell" for product "Suse Linux Enterprise Server" and version "10.0" | sp4, ltss |
Affected
| ||||||
| Novell Search vendor "Novell" | Suse Linux Enterprise Server Search vendor "Novell" for product "Suse Linux Enterprise Server" | 11.0 Search vendor "Novell" for product "Suse Linux Enterprise Server" and version "11.0" | sp1, ltss |
Affected
| ||||||