CVE-2010-4263

Published: 18 January 2011

The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame.

From the Ubuntu security team

Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=31b24b955c3ebbb6f3008a6374e61cf7c05a193c
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.34~rc3)