DEBIAN-CVE-2013-4350

DEBIAN-CVE-2013-4350 PUBLISHED CVSS 8.699999809265137 HIGH

The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:11	linux	0, 0, 0
Debian:12	linux	0, 0, 0
Debian:13	linux	0, 0, 0
Debian:14	linux	0, 0, 0

Timeline

Sep 25, 2013 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2013-4350 advisory

Open in Interactive Console →