Описание
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
Отчет
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not support Generic Receive Offload (GRO). This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html and https://rhn.redhat.com/errata/RHSA-2011-1189.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise MRG 1 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2011:0927 | 15.07.2011 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2011:1189 | 23.08.2011 |
| Red Hat Enterprise Linux 6.0 EUS - Server Only | kernel | Fixed | RHSA-2011:1106 | 02.08.2011 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2011:1253 | 12.09.2011 |
Показывать по
Дополнительная информация
Статус:
5.7 Medium
CVSS2
Связанные уязвимости
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
The Generic Receive Offload (GRO) implementation in the Linux kernel 2 ...
The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
ELSA-2011-2038: Unbreakable Enterprise kernel security update (IMPORTANT)
5.7 Medium
CVSS2