IETF IPv6 Protocol CVE-2016-10142 Denial of Service Vulnerability

IETF IPv6 is prone to a denial-of-service vulnerability.

Successfully exploiting this issue may allow remote attackers to trigger a kernel panic, denying service to legitimate users.

Successfully exploiting this issue may allow remote attackers to cause denial-of-service condition.

Information

Bugtraq ID: 95797
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2016-10142

Remote: Yes
Local: No
Published: Jan 24 2017 12:00AM
Credit: The vendor reported this issue.
Vulnerable: Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Linux kernel
IETF IPv6 0

Not Vulnerable:

References:

• CVE-2016-10142 kernel - IPV6 fragmentation flaw (IETF)
  
• IETF Homepage (IETF)
  
• Generation of IPv6 Atomic Fragments Considered Harmful (IETF)
  

Source: www.securityfocus.com