CVE-2012-2744
Publication date 10 July 2012
Last updated 24 July 2024
Ubuntu priority
net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.
From the Ubuntu Security Team
An error was found in the Linux kernel’s IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | 12.04 LTS precise |
Not affected
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy |
Fixed 2.6.24-32.104
|
|
linux-armadaxp | 12.04 LTS precise |
Not affected
|
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
linux-ec2 | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-fsl-imx51 | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
linux-linaro-omap | 12.04 LTS precise | Ignored end of life |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
linux-linaro-shared | 12.04 LTS precise | Ignored end of life |
11.10 oneiric | Ignored end of life | |
11.04 natty | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
linux-linaro-vexpress | 12.04 LTS precise | Ignored end of life |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
linux-lts-backport-maverick | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
linux-lts-backport-natty | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-lts-backport-oneiric | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid |
Not affected
|
|
8.04 LTS hardy | Not in release | |
linux-mvl-dove | 12.04 LTS precise | Not in release |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
linux-qcm-msm | 12.04 LTS precise | Ignored end of life |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
linux-ti-omap4 | 12.04 LTS precise |
Not affected
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |
Notes
jdstrand
linux-armadaxp is maintained by OEM commit is from 2010. Ubuntu 10.04 LTS confirmed as not affected downgrading to ‘medium’ (and therefore will follow the standard kernel cadence update process). This is a 2 year old fix that only affects Ubuntu 8.04 LTS when using IPv6.
Patch details
Package | Patch details |
---|---|
linux |
|
References
Related Ubuntu Security Notices (USN)
- USN-1507-1
- Linux kernel vulnerabilities
- 17 July 2012