Release date:
Updated on:
Affected Systems:
Linux kernel <3.2.24
Description:
--------------------------------------------------------------------------------
Bugtraq id: 65654
CVE (CAN) ID: CVE-2012-6638
Linux Kernel is the Kernel of the Linux operating system.
In versions earlier than Linux kernel 3.2.24, The tcp_rcv_state_process function in net/ipv4/tcp_input.c contains out-of-bounds access errors when processing a large number of SYN + fin tcp packets. Remote attackers can exploit this vulnerability to cause DOS.
<* Source: Denys Fedoryshchenko
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/
Http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24
Https://github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fa
Http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = fdf5af0daf8019cec21_cdef8fb042d80fe71fa
Linux Kernel: click here
Linux Kernel: click here
The Linux kernel replaces iptables with nftables
Linux 3.12 code Suicidal Squirrel
How to install Linux 3.11 Kernel on Ubuntu
The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5
Linux Kernel 3.4.62 LTS is now available for download
How to install Linux kernel 13.10 On Ubuntu 3.12