CVE-2013-4387

EPSS 0.62%

linux-2.6 - security update

Published: 10/10/2013Modified: 4/28/2026

Description

net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.

Affected packages (2)

Debian/linuxfrom 0, < 3.11.5-1
Debian/linux-2.6from 0, < 2.6.32-48squeeze8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4387