{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-21T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-01-24T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2012:1540", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/f6d8bd051c391c1c0458a30b2a7abcd939329259"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f6d8bd051c391c1c0458a30b2a7abcd939329259"}, {"name": "[oss-security] 20120831 Re: CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/08/31/11"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853465"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:13:50.768Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2012:1540", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/f6d8bd051c391c1c0458a30b2a7abcd939329259"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f6d8bd051c391c1c0458a30b2a7abcd939329259"}, {"name": "[oss-security] 20120831 Re: CVE Request -- kernel: net: slab corruption due to improper synchronization around inet->opt", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/08/31/11"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853465"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-3552", "datePublished": "2012-10-03T10:00:00", "dateReserved": "2012-06-14T00:00:00", "dateUpdated": "2024-08-06T20:13:50.768Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0135A6D-9FB7-4E1B-B471-914E37494942", "versionEndExcluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0554C89-3716-49F3-BFAE-E008D5E4E29C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic."}, {"lang": "es", "value": "La aplicaci\u00f3n IP en el kernel de Linux antes de v3.0 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio mediante el env\u00edo de paquetes a una aplicaci\u00f3n que configura las opciones de socket durante el manejo de tr\u00e1fico de red."}], "id": "CVE-2012-3552", "lastModified": "2023-02-13T00:25:52.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2012-10-03T11:02:57.220", "references": [{"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0"}, {"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f6d8bd051c391c1c0458a30b2a7abcd939329259"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/08/31/11"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853465"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/f6d8bd051c391c1c0458a30b2a7abcd939329259"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Hafid Lin for reporting this issue.", "affected_release": [{"advisory": "RHSA-2012:1540", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-308.24.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-12-04T00:00:00Z"}, {"advisory": "RHSA-2012:1304", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-279.9.1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-09-25T00:00:00Z"}], "bugzilla": {"description": "kernel: net: slab corruption due to improper synchronization around inet->opt", "id": "853465", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853465"}, "csaw": false, "cvss": {"cvss_base_score": "5.4", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic."], "name": "CVE-2012-3552", "package_state": [{"cpe": "cpe:/o:redhat:rhel_eus:6.2", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux Extended Update Support 6.2"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2011-04-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-3552\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3552"], "statement": "This issue did affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5.\nThis issue did affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6.\nThis issue did not affect the versions of Linux kernel as shipped with Red Hat Enterpise MRG 2.", "threat_severity": "Moderate"}