[CVE-2012-4444] acceptation of overlapping ipv6 fragments

Luis Henriques luis.henriques at canonical.com
Mon Nov 26 12:14:44 UTC 2012

Accepting overlapping fragmented ipv6 packets can lead to OS
fingerprinting, IDS/IPS insertion/evasion, firewall evasion.

Following this email, there are two patches that fix this issue on Lucid
and on Hardy.


More information about the kernel-team mailing list