CVE-2013-4163

Linux Kernel < 3.10.3 - Resource Management Error

Title source: rule
STIX 2.1

Description

The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.

References (16)

Core 16
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1944-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1945-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1947-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1946-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1943-1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/07/23/10
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1938-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/61412
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=987633
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/54148
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1941-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1942-1

Scores

EPSS 0.0009
EPSS Percentile 24.7%

Details

CWE
CWE-399
Status published
Products (44)
linux/linux_kernel 3.0 rc1 (7 CPE variants)
linux/linux_kernel 3.0.1
linux/linux_kernel 3.0.2
linux/linux_kernel 3.0.3
linux/linux_kernel 3.0.4
linux/linux_kernel 3.0.5
linux/linux_kernel 3.0.6
linux/linux_kernel 3.0.7
linux/linux_kernel 3.0.8
linux/linux_kernel 3.0.9
... and 34 more
Published Jul 29, 2013
Tracked Since Feb 18, 2026