CVE-2012-4565

Severity

47%

Complexity

34%

Confidentiality

115%

The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.

CVSS 2.0 Base Score 4.7. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C).

Overview

First reported 12 years ago

2012-12-21 11:47:00

Last updated 11 years ago

2013-08-22 03:58:00

Affected Software

Linux Kernel 3.4.1

3.4.1

Linux Kernel 3.4.2

3.4.2

Linux Kernel 3.4.3

3.4.3

Linux Kernel 3.4.4

3.4.4

Linux Kernel 3.4.5

3.4.5

Linux Kernel 3.4.6

3.4.6

Linux Kernel 3.4.7

3.4.7

Linux Kernel 3.4.8

3.4.8

Linux Kernel 3.4.9

3.4.9

Linux Kernel 3.4.10

3.4.10

Linux Kernel 3.4.11

3.4.11

Linux Kernel 3.4.12

3.4.12

Linux Kernel 3.4.13

3.4.13

Linux Kernel 3.4.14

3.4.14

Linux Kernel 3.4.15

3.4.15

Linux Kernel 3.4.16

3.4.16

Linux Kernel 3.4.17

3.4.17

Linux Kernel

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664

Exploit

FEDORA-2012-17479

RHSA-2012:1580

51409

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.19

[oss-security] 20121031 Re: CVE Request -- kernel: net: divide by zero in tcp algorithm illinois

56346

USN-1644-1

USN-1645-1

USN-1646-1

USN-1647-1

USN-1648-1

USN-1649-1

USN-1650-1

USN-1651-1

USN-1652-1

https://bugzilla.redhat.com/show_bug.cgi?id=871848

https://github.com/torvalds/linux/commit/8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664