Upstream information
Description
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 4.9 |
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
| Access Vector | Local |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Complete |
Note from the SUSE Security Team
All shipping Linux kernels in products have CONFIG_TIPC=n, meaning TIPC support disabled. This means we are not affected by this issue. SUSE Bugzilla entry: 592573 [RESOLVED / FIXED] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Tue Jul 9 16:57:14 2013CVE page last modified: Fri Oct 7 12:45:54 2022
Run SAP
SUSE for Public Cloud
Security
