1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Linux kernel IPv6 UDP fragment offload bug (CVE-2013-4387)

Discussion in 'Tomato Firmware' started by koitsu, Dec 16, 2013.

  1. koitsu

    koitsu Network Guru Member

    Friend of mine pasted me this this morning:

    A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-4387, Important)

    Sites seem to indicate this is as old as September 2013.

    First two URLs indicates 2.6.x is impacted, though other CVE sites don't indicate that.


    With all the recent focus here on IPv6, I thought I'd submit a forum RFC (request for comments).
  2. Victek

    Victek Network Guru Member

Share This Page