Описание
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 2.6.34-1 | package | |
| linux-2.6 | fixed | 2.6.34-1 | package | |
| linux-2.6 | not-affected | squeeze | package |
Примечания
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ec82562ffc6f297d0de36d65776cff8e5704867
http://marc.info/?l=linux-netdev&m=127310770900442&w=3
EPSS
Связанные уязвимости
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.
ELSA-2013-0911: kernel security, bug fix, and enhancement update (IMPORTANT)
EPSS