The ipv6_create_tempaddr function in net/ipv6/addrconf.c...
Low severity
Unreviewed
Published
May 5, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Feb 28, 2013
Published to the GitHub Advisory Database
May 5, 2022
Last updated
Feb 1, 2023
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attackers to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information, via ICMPv6 Router Advertisement (RA) messages.
References