| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
| 1 | CVE-2014-9090 | 17 | | DoS | 2014-11-30 | 2015-06-04 | 4.9 | None | Local | Low | Not required | None | None | Complete |
The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. |
| 2 | CVE-2014-8989 | 264 | | Bypass | 2014-11-30 | 2017-01-03 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c. |
| 3 | CVE-2014-8884 | 119 | | DoS Overflow +Priv | 2014-11-30 | 2018-01-05 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete |
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. |
| 4 | CVE-2014-8133 | 264 | | Bypass | 2014-12-17 | 2016-12-24 | 2.1 | None | Local | Low | Not required | None | Partial | None |
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value. |
| 5 | CVE-2014-7842 | 362 | | DoS | 2014-11-30 | 2017-01-03 | 4.9 | None | Local | Low | Not required | None | None | Complete |
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313. |
| 6 | CVE-2014-7841 | 399 | | DoS | 2014-11-30 | 2017-01-03 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. |
| 7 | CVE-2014-3688 | 399 | | DoS | 2014-11-30 | 2016-08-23 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. |
| 8 | CVE-2014-3645 | 20 | | DoS | 2014-11-10 | 2015-03-18 | 2.1 | None | Local | Low | Not required | None | None | Partial |
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. |
| 9 | CVE-2014-2889 | 189 | | DoS +Priv | 2014-04-27 | 2014-04-28 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial |
Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump. |
| 10 | CVE-2014-0038 | 20 | 2 | +Priv | 2014-02-06 | 2018-01-03 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter. |
| 11 | CVE-2013-7281 | 200 | | +Info | 2014-01-08 | 2017-08-29 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 12 | CVE-2013-7271 | 20 | | +Info | 2014-01-06 | 2017-08-29 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 13 | CVE-2013-7270 | 20 | | +Info | 2014-01-06 | 2017-08-29 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 14 | CVE-2013-7269 | 20 | | +Info | 2014-01-06 | 2017-08-29 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 15 | CVE-2013-7268 | 20 | | +Info | 2014-01-06 | 2014-03-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 16 | CVE-2013-7267 | 20 | | +Info | 2014-01-06 | 2014-03-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 17 | CVE-2013-7266 | 20 | | +Info | 2014-01-06 | 2014-03-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 18 | CVE-2013-7265 | 20 | | +Info | 2014-01-06 | 2017-12-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 19 | CVE-2013-7264 | 20 | | +Info | 2014-01-06 | 2017-12-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. |
| 20 | CVE-2013-7263 | 20 | | +Info | 2014-01-06 | 2017-12-16 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. |
| 21 | CVE-2013-7027 | 119 | | DoS Overflow | 2013-12-09 | 2014-03-16 | 6.1 | None | Local Network | Low | Not required | None | None | Complete |
The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header. |
| 22 | CVE-2013-7026 | 362 | | DoS | 2013-12-09 | 2014-01-08 | 4.7 | None | Local | Medium | Not required | None | None | Complete |
Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system calls. |
| 23 | CVE-2013-6763 | 119 | | DoS Overflow +Priv Mem. Corr. | 2013-11-12 | 2014-01-08 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-2013-4511. |
| 24 | CVE-2013-6432 | | | DoS | 2013-12-09 | 2014-03-06 | 4.6 | None | Local | Low | ??? | None | None | Complete |
The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application. |
| 25 | CVE-2013-6431 | 264 | | DoS | 2013-12-09 | 2014-03-06 | 4.7 | None | Local | Medium | Not required | None | None | Complete |
The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for an IPv6 SIOCADDRT ioctl call. |
| 26 | CVE-2013-6383 | 264 | | Bypass | 2013-11-27 | 2014-03-26 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call. |
| 27 | CVE-2013-6382 | 119 | | DoS Overflow Mem. Corr. | 2013-11-27 | 2016-12-31 | 4.0 | None | Local | High | Not required | None | None | Complete |
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. |
| 28 | CVE-2013-6381 | 119 | | DoS Overflow | 2013-11-27 | 2016-12-31 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. |
| 29 | CVE-2013-6380 | 20 | | DoS | 2013-11-27 | 2014-03-16 | 4.7 | None | Local | Medium | Not required | None | None | Complete |
The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via an FSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command. |
| 30 | CVE-2013-6378 | 189 | | DoS | 2013-11-27 | 2014-07-17 | 4.4 | None | Local | Medium | ??? | None | None | Complete |
The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a zero-length write operation. |
| 31 | CVE-2013-6376 | 189 | | DoS | 2013-12-14 | 2014-03-16 | 5.2 | None | Local Network | Medium | ??? | None | None | Complete |
The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode. |
| 32 | CVE-2013-6368 | 20 | | DoS +Priv | 2013-12-14 | 2019-04-22 | 6.2 | None | Local | High | Not required | Complete | Complete | Complete |
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. |
| 33 | CVE-2013-6367 | 189 | | DoS | 2013-12-14 | 2018-01-09 | 5.7 | None | Local Network | Medium | Not required | None | None | Complete |
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. |
| 34 | CVE-2013-6282 | 20 | | | 2013-11-20 | 2017-09-03 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete |
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013. |
| 35 | CVE-2013-4592 | 399 | | DoS | 2013-11-20 | 2014-03-06 | 4.0 | None | Local | High | Not required | None | None | Complete |
Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service (memory consumption) by leveraging certain device access to trigger movement of memory slots. |
| 36 | CVE-2013-4591 | 119 | | DoS Overflow Mem. Corr. | 2013-11-20 | 2016-12-31 | 6.2 | None | Local | High | Not required | Complete | Complete | Complete |
Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended attribute of a pathname on an NFSv4 filesystem. |
| 37 | CVE-2013-4587 | 20 | | +Priv | 2013-12-14 | 2014-03-16 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete |
Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value. |
| 38 | CVE-2013-4579 | 310 | | | 2013-11-20 | 2014-03-16 | 4.3 | None | Remote | Medium | Not required | Partial | None | None |
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. |
| 39 | CVE-2013-4563 | 189 | | DoS | 2013-11-20 | 2014-03-06 | 7.1 | None | Remote | Medium | Not required | None | None | Complete |
The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via a large IPv6 UDP packet, as demonstrated by use of the Token Bucket Filter (TBF) queueing discipline. |
| 40 | CVE-2013-4516 | 200 | | +Info | 2013-11-12 | 2014-01-08 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. |
| 41 | CVE-2013-4515 | 200 | | +Info | 2013-11-12 | 2014-03-06 | 4.9 | None | Local | Low | Not required | Complete | None | None |
The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call. |
| 42 | CVE-2013-4514 | 119 | | DoS Overflow | 2013-11-12 | 2016-12-31 | 4.7 | None | Local | Medium | Not required | None | None | Complete |
Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions. |
| 43 | CVE-2013-4513 | 119 | | DoS Overflow | 2013-11-12 | 2016-12-31 | 4.9 | None | Local | Low | Not required | None | None | Complete |
Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. |
| 44 | CVE-2013-4512 | 119 | | DoS Overflow | 2013-11-12 | 2016-12-31 | 4.7 | None | Local | Medium | Not required | None | None | Complete |
Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation. |
| 45 | CVE-2013-4511 | 189 | | Overflow +Priv | 2013-11-12 | 2014-03-06 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c. |
| 46 | CVE-2013-4483 | 189 | | DoS | 2013-11-04 | 2015-03-18 | 4.9 | None | Local | Low | Not required | None | None | Complete |
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or system crash) via a crafted application. |
| 47 | CVE-2013-4470 | 264 | | DoS +Priv Mem. Corr. | 2013-11-04 | 2018-01-09 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete |
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c. |
| 48 | CVE-2013-4387 | 119 | | DoS Overflow Mem. Corr. | 2013-10-10 | 2014-03-26 | 6.1 | None | Local Network | Low | Not required | None | None | Complete |
net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. |
| 49 | CVE-2013-4350 | 310 | | +Info | 2013-09-25 | 2014-01-04 | 5.0 | None | Remote | Low | Not required | Partial | None | None |
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network. |
| 50 | CVE-2013-4348 | 399 | | DoS | 2013-11-04 | 2014-03-06 | 7.1 | None | Remote | Medium | Not required | None | None | Complete |
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of a packet with IPIP encapsulation. |