Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability

Bugtraq ID:	69803
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2012-6657
Remote:	Yes
Local:	No
Published:	Sep 15 2014 12:00AM
Updated:	May 12 2015 07:41PM
Credit:	Prasad J Pandit of Red Hat.
Vulnerable:	SuSE SUSE Linux Enterprise Server Unsupported Extras 11 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Linux kernel CentOS CentOS 6 Avaya Aura Experience Portal 6.0 + Avaya Communication Manager Server DEFINITY Server SI/CS + Avaya Communication Manager Server S8100 + Avaya Communication Manager Server S8300 + Avaya Communication Manager Server S8500 + Avaya Communication Manager Server S8700
Not Vulnerable:

Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability

The Linux kernel is prone to a denial-of-service vulnerability.

Successfully exploiting this issue will allow attackers to crash the system kernel, denying service to legitimate users.

Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Linux Kernel 'tcp_set_keepalive()' Function Denial of Service Vulnerability

References:

• Linux kernel Homepage (kernel.org)