1. Home
  2. Vulnerabilities
  3. CVE-2013-4348

CVE-2013-4348

CVSS v2.0 7.1 (High)
71% Progress
EPSS 2.97 % (91th)
2.97% Progress
Affected Products 2
Advisories 35
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

Weaknesses
CWE-399
Resource Management Errors
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2013-11-04 15:55:05
(11 years ago)
Updated Date
2023-05-19 16:50:59
(16 months ago)

Affected Products

Canonical

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.2 version and prior 3.2.54 version cpe:2.3:o:linux:linux_kernel >= 3.2 < 3.2.54
  Linux Kernel from 3.3 version and prior 3.4.70 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.70
  Linux Kernel from 3.5 version and prior 3.10.20 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.20
  Linux Kernel from 3.11 version and prior 3.11.9 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.11.9
  Linux Kernel from 3.12 version and prior 3.12.1 version cpe:2.3:o:linux:linux_kernel >= 3.12 < 3.12.1

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-
  Canonical Ubuntu Linux 13.10 cpe:2.3:o:canonical:ubuntu_linux:13.10