CVE-2013-4348

N/A Unknown

Published: November 04, 2013 Modified: April 29, 2026

Description

The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html

Source: secalert@redhat.com

Mailing List Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2013-1490.html

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2070-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/USN-2075-1

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1007939

Source: secalert@redhat.com

Issue Tracking Third Party Advisory

https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=6f092343855a71e03b8d209815d8c45bf3a27fcd

Source: secalert@redhat.com

Exploit Patch Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html