CVE-2013-2017

high
Published 2013-05-03 · Modified 2026-04-29
CVSS v3
CVSS v2
7.8
VIR risk: 7.8

Description

The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

Predictions

Exploit likelihood: 20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2013-2017

OS impact

| OS | Version | Status | Fixed in |
|---|---|---|---|
| linux linux-kernel | | affected | |
| linux linux-kernel | 2.6.33 | affected | |
| linux linux-kernel | 2.6.33.1 | affected | |
| linux linux-kernel | 2.6.33.2 | affected | |
| linux linux-kernel | 2.6.33.3 | affected | |
| linux linux-kernel | 2.6.33.4 | affected | |
| linux linux-kernel | 2.6.33.5 | affected | |
| linux linux-kernel | 2.6.33.6 | affected | |
| linux linux-kernel | 2.6.33.7 | affected | |
| linux linux-kernel | 2.6.33.19 | affected | |
| debian debian | bookworm | fixed | 2.6.34-1 |
| debian debian | bullseye | fixed | 2.6.34-1 |
| debian debian | forky | fixed | 2.6.34-1 |
| debian debian | sid | fixed | 2.6.34-1 |
| debian debian | trixie | fixed | 2.6.34-1 |
| linux linux-kernel | 2.6.33.8 | affected | |
| linux linux-kernel | 2.6.33.9 | affected | |
| linux linux-kernel | 2.6.33.10 | affected | |
| linux linux-kernel | 2.6.33.11 | affected | |
| linux linux-kernel | 2.6.33.12 | affected | |
| linux linux-kernel | 2.6.33.13 | affected | |
| linux linux-kernel | 2.6.33.14 | affected | |
| linux linux-kernel | 2.6.33.15 | affected | |
| linux linux-kernel | 2.6.33.16 | affected | |
| linux linux-kernel | 2.6.33.17 | affected | |
| linux linux-kernel | 2.6.33.18 | affected | |

References

CWEs

CWE-399
