CVE-2012-4444

Priority
Medium
Description
The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel
before 2.6.36 allows remote attackers to bypass intended network
restrictions via overlapping IPv6 fragments.
Ubuntu-Description
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
References
Bugs
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Patches:
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.36~rc4)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 70789d7052239992824628db8133de08dc78e593
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
Package
Upstream:released (2.6.36~rc4)
More Information

Updated: 2018-04-09 18:15:36 UTC (commit 14524)