Medium severity5.5NVD Advisory· Published Jun 7, 2013· Updated Apr 29, 2026

CVE-2013-2128

Description

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.34

Patches

baff42ab1494

https://github.com/torvalds/linuxvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

www.openwall.com/lists/oss-security/2013/05/29/11nvdMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
github.com/torvalds/linux/commit/baff42ab1494528907bf4d5870359e31711746aenvdPatchThird Party Advisory
rhn.redhat.com/errata/RHSA-2013-1051.htmlnvdThird Party Advisory
ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000