CVE-2011-3188

Priority
Description
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1
use a modified MD4 algorithm to generate sequence numbers and Fragment
Identification values, which makes it easier for remote attackers to cause
a denial of service (disrupted networking) or hijack network sessions by
predicting these values and sending crafted packets.
Ubuntu-Description
Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets.
Notes
 jdstrand> http://git.kernel.org/linus/bc0b96b54a21246e377122d54569eef71cec535f
 jdstrand> http://git.kernel.org/linus/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
More Information

Updated: 2018-10-31 21:01:21 UTC (commit cfa7cf69d76449ccff972ac22f40976a08d908c2)