CVE-2012-0207

HIGH

Linux Kernel < 3.2.1 - Denial of Service via IGMP Packet Divide-By-Zero

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0207. PoCs published by kingcope.

AI-analyzed exploit summary This exploit sends malformed IGMP packets to trigger a denial-of-service condition in Linux kernels 2.6.36 and later by causing a kernel panic. It constructs two IGMP packets with specific payloads to exploit the vulnerability.

Description

The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

Exploits (1)

exploitdb WORKING POC

by kingcope · cdoslinux

https://www.exploit-db.com/exploits/18378

View Code ZIP pw:eip

This exploit sends malformed IGMP packets to trigger a denial-of-service condition in Linux kernels 2.6.36 and later by causing a kernel panic. It constructs two IGMP packets with specific payloads to exploit the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Linux Kernel 2.6.36 and later

No auth needed

Prerequisites: Network access to the target system · Ability to send raw sockets

MITRE ATT&CK