CVE-2011-3188

Priority
Description
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1
use a modified MD4 algorithm to generate sequence numbers and Fragment
Identification values, which makes it easier for remote attackers to cause
a denial of service (disrupted networking) or hijack network sessions by
predicting these values and sending crafted packets.
Ubuntu-Description
Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets.
Notes
jdstrandhttp://git.kernel.org/linus/bc0b96b54a21246e377122d54569eef71cec535f
http://git.kernel.org/linus/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
More Information

Updated: 2020-01-29 19:42:13 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)