
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0094
 
Title: Linux kernel netfilter: null pointer dereference in nf_ct_frag6_reasm() [1]
 
Version history:
09.08.2012 Initial publication

Summary
=======
The Linux kernel is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to 
cause a kernel crash, denying service to legitimate users. [2]


CVE-2012-2744
CVSS v2 Base Score:7.8 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [1,3]
Base Metrics:  

Vulnerable systems
==================
Linux kernel - see references

Original Details
================
A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm()function in the Linux kernel's 
netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to end
specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel 
module loaded, causing it to crash. [4]

What can you do?
================
Fix is available from different vendors 

What to tell your users?
========================
N/A

More information
================
[1] https://access.redhat.com/security/cve/CVE-2012-2744
[2] http://www.securityfocus.com/bid/54367/info
[3] Information about CVSS: http://www.first.org/cvss/cvss-guide.html
[4] http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-2744.html

Best regards,

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJQI24cAAoJEMQ9UMldbd3zYW8P/jr3xG6yhZngDwItWudjDLmL
56EyniYXpv6SGTooZIiKDg/Eet7jmGnZMre7qwCeh6g2r40c6tGH9cR+W6HdysW5
RY9L5P0FfNPslbD9X6HMBwYpCsDYDNWWznASnpo/OqhV+YNjde3/4hfuMI3klmT+
qUWnOp48uJ9Ytm5VoV0HMpdM1B93/znN+JTyV8DmTXkJtWw3wdufq7EYOb6nabKj
JUoAwyExJgZ62f1NQTmdjnpICsDJcsLpgDAcYV/FgmYfbBrhGI2dzdmzIH550Y17
pzy2YOBQzMYRNn/Pcr/SdkdWo9Nxgh8I/OA1tr7Pe4zpZOY0/x8fkc7uWi5hgpEh
zB1svHezZA2Y0zUdTWdUEu42w5agHwSqfytat78TmiQTRQRKPR/A+i/011JNRg5J
q1TbM7O0TotGOus6iwCnzQXp1ibMTeWdI9sSRv4xr6LbeidF6GkwB4qyJxP8NrzG
Lpn+jd28TA1rMufWkxHRQ4tWx5fY78Iw5kbHxrtA3oEOBcBfgSQM9imiLgL7AtRq
LYJezTH5KbHC+IXxa7v2NV6OxsgxRVrZz5gphyJXgTEaJjbPHOJjzKX/zbWFGHIH
fdkmko1/tmi/7wM7oF4S0hiMpvfVZT962HMzKGutYm1M6zy9IVgCmvAB8KK0Xx3o
MHg7T+XafwKckYEU2wZB
=sNKA
-----END PGP SIGNATURE-----