[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-1576

Date: (C)2011-08-31   (M)2016-04-05
 
CVSS Score: 5.7Access Vector: ADJACENT_NETWORK
Exploitability Subscore: 5.5Access Complexity: MEDIUM
Impact Subscore: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE











The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.

Reference:
SECTRACK-1025853
BID-48907
IAVM:2012-A-0020
RHSA-2011:0927
RHSA-2011:1090
RHSA-2011:1106
https://bugzilla.redhat.com/show_bug.cgi?id=695173

CPE    3
cpe:/o:redhat:enterprise_linux:5
cpe:/o:linux:linux_kernel:2.6.18
cpe:/o:redhat:enterprise_linux:6
CWE    1
CWE-119
OVAL    10
oval:org.secpod.oval:def:400370
oval:org.secpod.oval:def:201572
oval:org.secpod.oval:def:500136
oval:org.secpod.oval:def:201602
...

© 2013 SecPod Technologies