CVE-2013-4348

The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

Published: Nov 4, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-4348
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	3.2	3.2.54
linux / linux_kernel	3.3	3.4.70
linux / linux_kernel	3.5	3.10.20
linux / linux_kernel	3.11	3.11.9
linux / linux_kernel	3.12	3.12.1
canonical / ubuntu_linux	13.10	13.10.x
canonical / ubuntu_linux	12.04	12.04.x

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html
http://rhn.redhat.com/errata/RHSA-2013-1490.html
http://www.ubuntu.com/usn/USN-2070-1
http://www.ubuntu.com/usn/USN-2075-1
https://bugzilla.redhat.com/show_bug.cgi?id=1007939
https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd

Vulnerability Database

290,301

CVE-2013-4348