Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 475606 (CVE-2013-2232) - Kernel : ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg (CVE-2013-2232)
Summary: Kernel : ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg ...
Alias: CVE-2013-2232
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
Depends on:
Reported: 2013-07-03 09:07 UTC by Agostino Sarubbo
Modified: 2022-03-25 15:25 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-07-03 09:07:56 UTC
From ${URL} :

commit a963a37d384d71ad43b3e9e79d68d42fbe0901f3
Author: Eric Dumazet <>
Date:   Wed Jun 26 04:15:07 2013 -0700

    ipv6: ip6_sk_dst_check() must not assume ipv6 dst

    It's possible to use AF_INET6 sockets and to connect to an IPv4
    destination. After this, socket dst cache is a pointer to a rtable,
    not rt6_info.

    ip6_sk_dst_check() should check the socket dst cache is IPv6, or else
    various corruptions/crashes can happen.

    Dave Jones can reproduce immediate crash with
    trinity -q -l off -n -c sendmsg -c connect

    With help from Hannes Frederic Sowa

    Reported-by: Dave Jones <>
    Reported-by: Hannes Frederic Sowa <>
    Signed-off-by: Eric Dumazet <>
    Acked-by: Hannes Frederic Sowa <>
    Signed-off-by: David S. Miller <>
Comment 1 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-07-03 15:25:16 UTC
Present in 3.10, not queued for earlier branches; applied patch in genpatches.

r2430 | tomwij | 2013-07-03 17:23:58 +0200 (Wed, 03 Jul 2013) | 1 line

Applied ipv6 sk_dst check fix against corruption and crashes for bug #475606 to branches 3.0, 3.2, 3.4 and 3.9.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:41:41 UTC
CVE-2013-2232 (
  The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel
  before 3.10 allows local users to cause a denial of service (system crash)
  by using an AF_INET6 socket for a connection to an IPv4 interface.
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 15:25:32 UTC
In 3.4.55 onward