Denial of Service Vulnerability in Linux Kernel's sock_setsockopt Function

CVE-2012-6657 · MEDIUM Severity

CVSS v2 vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.