Unrated severityNVD Advisory· Published Feb 15, 2014· Updated Apr 29, 2026

CVE-2012-6638

Description

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <3.0.38

Patches

fdf5af0daf80

https://github.com/torvalds/linuxvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/torvalds/linux/commit/fdf5af0daf8019cec2396cdef8fb042d80fe71fanvdPatchThird Party Advisory
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24nvdVendor Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000