CVE-2002-2438
HIGHLinux Kernel < 2.4.20 - TCP Firewall Bypass via SYN Packet Flag Manipulation
Title source: llmDescription
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
References (16)
Core 16
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/8
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/4
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/12
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/11
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/13
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/03/7
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/29/8
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/02/12/8
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/9
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/31/3
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/30/2
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/464113
Third Party Advisory, US Government Resource x_refsource_misc
https://www.kb.cert.org/vuls/id/464113%2C
Issue Tracking x_refsource_misc
https://bugzilla.suse.com/show_bug.cgi?id=744994%2C
Mailing List, Patch, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2012/02/03/7
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210727-0003/
Scores
CVSS v3
7.5
EPSS
0.0374
EPSS Percentile
88.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-287
Status
published
Products (1)
linux/linux_kernel
< 2.4.20
Published
May 18, 2021
Tracked Since
Feb 18, 2026