CVE-2011-3188

Published: 25 August 2011

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

From the Ubuntu security team

Dan Kaminsky discovered that the kernel incorrectly handled random sequence number generation. An attacker could use this flaw to possibly predict sequence numbers and inject packets.

Priority

CVSS 3 base score: 9.1

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







	Patches: Upstream: http://git.kernel.org/linus/bc0b96b54a21246e377122d54569eef71cec535f Upstream: http://git.kernel.org/linus/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
linux-ec2 Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-fsl-imx51 Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-lts-backport-maverick Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-lts-backport-natty Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-lts-backport-oneiric Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-mvl-dove Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)







linux-ti-omap4 Launchpad, Ubuntu, Debian	Upstream	Released (3.1~rc1)

Notes

Author	Note
jdstrand	http://git.kernel.org/linus/bc0b96b54a21246e377122d54569eef71cec535f http://git.kernel.org/linus/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec

References

Bugs

https://launchpad.net/bugs/834129

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›