Denial of Service and Information Disclosure Vulnerability in Linux Kernel's IPv6 Temporary Address Generation

Denial of Service and Information Disclosure Vulnerability in Linux Kernel's IPv6 Temporary Address Generation

CVE-2013-0343 · LOW Severity

AV:A/AC:H/AU:N/C:P/I:N/A:P

The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.