Skip to main content
CVE-2012-6638 HIGH PATCH This Week

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
7.8
EPSS
1.1%
CVE-2012-2663 HIGH PATCH This Week

extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Iptables
NVD
CVSS 2.0
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy