CVE-2013-4348
Linux Kernel <= 3.12 - Denial of Service via IHL Field in IPIP Packet
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-4348. PoCs published by bl4ck5un.
AI-analyzed exploit summary This PoC exploits a denial-of-service vulnerability in the Linux kernel's flow dissector by crafting a malformed IPIP packet that triggers an infinite loop. The exploit constructs a raw packet with nested IP headers and sends it via a raw socket to crash the target system.
Description
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.
Exploits (1)
This PoC exploits a denial-of-service vulnerability in the Linux kernel's flow dissector by crafting a malformed IPIP packet that triggers an infinite loop. The exploit constructs a raw packet with nested IP headers and sends it via a raw socket to crash the target system.