Unrated severityNVD Advisory· Published Nov 20, 2013· Updated Jun 16, 2026
CVE-2013-4563
CVE-2013-4563
Description
The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via a large IPv6 UDP packet, as demonstrated by use of the Token Bucket Filter (TBF) queueing discipline.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- www.openwall.com/lists/oss-security/2013/11/13/9nvdMailing ListPatch
- github.com/torvalds/linux/commit/0e033e04c2678dbbe74a46b23fffb7bb918c288envdExploitPatch
- git.kernel.orgnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.htmlnvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-2113-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2117-1nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.