CVE-2011-0709

The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.
Severity
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Atk. Vector
NETWORK
Atk. Complexity
LOW
Priv. Required
NONE
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
VendorProductVersion
linuxlinux_kernel
𝑥
≤ 2.6.34.7
linuxlinux_kernel
2.6.35
linuxlinux_kernel
2.6.35
linuxlinux_kernel
2.6.35
linuxlinux_kernel
2.6.35
linuxlinux_kernel
2.6.35
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
natty
not-affected
maverick
Fixed 2.6.35-8.13
released
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
dne
linux-ec2
natty
dne
maverick
ignored
lucid
not-affected
karmic
not-affected
hardy
dne
dapper
dne
linux-fsl-imx51
natty
dne
maverick
dne
lucid
not-affected
karmic
not-affected
hardy
dne
dapper
dne
linux-lts-backport-maverick
natty
dne
maverick
dne
lucid
Fixed 2.6.35-8.13~lucid1
released
karmic
dne
hardy
dne
dapper
dne
linux-lts-backport-natty
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-mvl-dove
natty
dne
maverick
not-affected
lucid
not-affected
karmic
ignored
hardy
dne
dapper
dne
linux-source-2.6.15
natty
dne
maverick
dne
lucid
dne
karmic
dne
hardy
dne
dapper
not-affected
linux-ti-omap4
natty
not-affected
maverick
not-affected
lucid
dne
karmic
dne
hardy
dne
dapper
dne