{ "id": "CVE-2013-2017", "sourceIdentifier": "secalert@redhat.com", "published": "2013-05-03T11:57:45.790", "lastModified": "2024-11-21T01:50:52.247", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error." }, { "lang": "es", "value": "El driver Veth (tambi\u00e9n conocido como Ethernet virtual) en el kernel Linux anterior a v2.6.34 no gestiona adecuadamente skbs durante la congesti\u00f3n, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema), aprovechando la falta de consumo de skb junto con un error de doble liberaci\u00f3n." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "baseScore": 7.8, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-399" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.6.33.20", "matchCriteriaId": "B8187F7E-B31E-4C1C-8EB3-384193B7D7EE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:*:*:*:*:*:*:*", "matchCriteriaId": "D81C2911-5781-46A4-AD27-F946BD44EAEC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*", "matchCriteriaId": "2DB53511-E1B0-4F81-BE9E-B52E84E9C30E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*", "matchCriteriaId": "207306A0-19F5-4E49-945C-A5E4DD442459" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*", "matchCriteriaId": "1DE43C00-5967-44A1-ACEB-B7AF66EEBB53" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc4:*:*:*:*:*:*", "matchCriteriaId": "B33B5E4B-FCB3-4343-B992-F0ADB853754B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc5:*:*:*:*:*:*", "matchCriteriaId": "D7295BBE-A9E3-44F6-9DD6-0FD6C2591E11" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc6:*:*:*:*:*:*", "matchCriteriaId": "B220EA3F-55B3-4B6E-8285-B28ADEF50138" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc7:*:*:*:*:*:*", "matchCriteriaId": "C61AB348-ACF4-4F88-AC9D-BEC63B76399C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc8:*:*:*:*:*:*", "matchCriteriaId": "C3AFD58E-A261-4398-BA11-B62A091261F6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.1:*:*:*:*:*:*:*", "matchCriteriaId": "17721A7D-E955-407B-AACB-97F859CE79C3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*", "matchCriteriaId": "7B04F515-29A7-4D6A-AFC5-3A115F8A5918" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.3:*:*:*:*:*:*:*", "matchCriteriaId": "7514928F-8992-4B8A-8AF4-E89F1CB6EFCE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.4:*:*:*:*:*:*:*", "matchCriteriaId": "BD6324B7-1329-4C6B-8DDB-D489250E07C0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.5:*:*:*:*:*:*:*", "matchCriteriaId": "A7910FE5-E02C-4B20-9F27-F488E76BDE93" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.6:*:*:*:*:*:*:*", "matchCriteriaId": "96F85BC2-54C4-4450-B3BA-A2A8EB78A81C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:*:*", "matchCriteriaId": "25E5B510-1096-42E8-8BD1-E9198D588050" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.8:*:*:*:*:*:*:*", "matchCriteriaId": "29787617-FFDD-4BDE-97EB-330675B99614" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.9:*:*:*:*:*:*:*", "matchCriteriaId": "7B28D3CE-E432-4F10-BF25-D03B0D89388A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.10:*:*:*:*:*:*:*", "matchCriteriaId": "E587FF24-AA5D-454B-8928-9C3CE03C419C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.11:*:*:*:*:*:*:*", "matchCriteriaId": "9DDBAAA5-240F-4DE5-BAA1-89508BD2CD8D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.12:*:*:*:*:*:*:*", "matchCriteriaId": "F5D61706-2974-4C96-8196-9F3F56F1791F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.13:*:*:*:*:*:*:*", "matchCriteriaId": "46C5D7F1-152C-435F-8694-A66D0008289B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.14:*:*:*:*:*:*:*", "matchCriteriaId": "BEA2A352-7F4F-449D-AE23-24D39BFE0DB3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.15:*:*:*:*:*:*:*", "matchCriteriaId": "D9763287-12D3-485D-9DB4-0EBBEB2858C1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.16:*:*:*:*:*:*:*", "matchCriteriaId": "9CDB80CE-2F1D-47EE-AE64-EA07B0AA3C20" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.17:*:*:*:*:*:*:*", "matchCriteriaId": "E70E77F5-12EF-4E12-8D34-9C56D23CAB22" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.18:*:*:*:*:*:*:*", "matchCriteriaId": "B0139175-7049-4A2D-878E-EC43325DB5B4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33.19:*:*:*:*:*:*:*", "matchCriteriaId": "18483901-EC47-45AD-A9EB-30591AA1247E" } ] } ] } ], "references": [ { "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34", "source": "secalert@redhat.com" }, { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6ec82562ffc6f297d0de36d65776cff8e5704867", "source": "secalert@redhat.com" }, { "url": "http://www.openwall.com/lists/oss-security/2013/04/29/10", "source": "secalert@redhat.com" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957705", "source": "secalert@redhat.com" }, { "url": "https://github.com/torvalds/linux/commit/6ec82562ffc6f297d0de36d65776cff8e5704867", "source": "secalert@redhat.com" }, { "url": "https://support.f5.com/csp/article/K39655464", "source": "secalert@redhat.com" }, { "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6ec82562ffc6f297d0de36d65776cff8e5704867", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.openwall.com/lists/oss-security/2013/04/29/10", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957705", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://github.com/torvalds/linux/commit/6ec82562ffc6f297d0de36d65776cff8e5704867", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://support.f5.com/csp/article/K39655464", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }