CVE-2011-3188 (retired)

Priority
Description
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1
use a modified MD4 algorithm to generate sequence numbers and Fragment
Identification values, which makes it easier for remote attackers to cause
a denial of service (disrupted networking) or hijack network sessions by
predicting these values and sending crafted packets.
Ubuntu-Description
Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets.
Notes
jdstrandhttp://git.kernel.org/linus/bc0b96b54a21246e377122d54569eef71cec535f
http://git.kernel.org/linus/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
More Information

Updated: 2019-10-09 07:38:23 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)