CVE-2011-1576

The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.7 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:N/I:N/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
linuxlinux_kernel
2.6.18
redhatenterprise_virtualization_hypervisor
*
redhatenterprise_linux
6.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
oneiric
not-affected
natty
Fixed 2.6.37-2.9
released
maverick
Fixed 2.6.35-30.60
released
lucid
Fixed 2.6.32-35.78
released
hardy
not-affected
linux-ec2
oneiric
dne
natty
dne
maverick
ignored
lucid
Fixed 2.6.32-319.39
released
hardy
dne
linux-fsl-imx51
oneiric
dne
natty
dne
maverick
dne
lucid
Fixed 2.6.31-611.29
released
hardy
dne
linux-lts-backport-maverick
oneiric
dne
natty
dne
maverick
dne
lucid
Fixed 2.6.35-30.60~lucid1
released
hardy
dne
linux-lts-backport-natty
oneiric
dne
natty
dne
maverick
dne
lucid
Fixed 2.6.38-1.27~lucid1
released
hardy
dne
linux-lts-backport-oneiric
oneiric
dne
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-mvl-dove
oneiric
dne
natty
dne
maverick
Fixed 2.6.32-419.37
released
lucid
Fixed 2.6.32-219.37
released
hardy
dne
linux-ti-omap4
oneiric
not-affected
natty
Fixed 2.6.38-1201.2
released
maverick
Fixed 2.6.35-903.25
released
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://www.redhat.com/support/errata/RHSA-2011-1090.html
http://www.redhat.com/support/errata/RHSA-2011-1106.html
http://www.securityfocus.com/bid/48907
http://www.securitytracker.com/id?1025853
https://bugzilla.redhat.com/show_bug.cgi?id=695173
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://www.redhat.com/support/errata/RHSA-2011-1090.html
http://www.redhat.com/support/errata/RHSA-2011-1106.html
http://www.securityfocus.com/bid/48907
http://www.securitytracker.com/id?1025853
https://bugzilla.redhat.com/show_bug.cgi?id=695173